Overview

overview

10

Static

static

10

RBXIDLE.Se....0.exe

windows7-x64

8

RBXIDLE.Se....0.exe

windows10-2004-x64

8

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

LICENSES.c...m.html

windows7-x64

3

LICENSES.c...m.html

windows10-2004-x64

3

RBXIDLE.exe

windows7-x64

8

RBXIDLE.exe

windows10-2004-x64

8

resources/...te.cmd

windows7-x64

1

resources/...te.cmd

windows10-2004-x64

1

resources/...te.vbs

windows7-x64

1

resources/...te.vbs

windows10-2004-x64

1

resources/...on.dll

windows7-x64

1

resources/...on.dll

windows10-2004-x64

1

resources/...do.exe

windows7-x64

1

resources/...do.exe

windows10-2004-x64

1

resources/...sw.exe

windows7-x64

1

resources/...sw.exe

windows10-2004-x64

1

resources/...ies.js

windows7-x64

3

resources/...ies.js

windows10-2004-x64

3

resources/...cmd.js

windows7-x64

3

resources/...cmd.js

windows10-2004-x64

3

resources/...mon.js

windows7-x64

3

resources/...mon.js

windows10-2004-x64

3

resources/...log.js

windows7-x64

3

resources/...log.js

windows10-2004-x64

3

Analysis

  • max time kernel
    85s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-11-2024 16:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app.asar.unpacked/node_modules/node-windows/bin/sudowin/sudo.exe

  • Size

    20KB

  • MD5

    98cfa945795d9185d64518a8b7ab38bf

  • SHA1

    64de54cd41ab3be000406785ec9f1ff9bac8f57f

  • SHA256

    922754cfe2c6cfe1dceeaedb74fc00367e9613afd0ad8c9e42ec80a81d04d49b

  • SHA512

    12a0d9af0c4c43804f6c244ca3b212a5ff3c694d990b9336a922975bba1a0f31b9e06fb1934bc9a4164c7d090f796ae9c62cc670e9fc4021d7e7eeaaa0641932

  • SSDEEP

    96:74RH/g8jFSw6euTpHAvybfxFa/zn+UwuVA8rTskEn1W1WuZB5MYYd2J1ltgQbFgB:74RTFv69UyLa6UXTizY0Qbu

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\node-windows\bin\sudowin\sudo.exe
    "C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\node_modules\node-windows\bin\sudowin\sudo.exe"
    1⤵
      PID:1512

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1512-0-0x00007FFDB4CA5000-0x00007FFDB4CA6000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1512-2-0x00007FFDB49F0000-0x00007FFDB5391000-memory.dmp

      Filesize

      9.6MB

      Download

    • memory/1512-3-0x00007FFDB49F0000-0x00007FFDB5391000-memory.dmp

      Filesize

      9.6MB

      Download