Analysis

  • max time kernel
    16s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    16-01-2025 19:17

General

  • Target

    Robux.exe

  • Size

    274KB

  • MD5

    b3dca103204683157780d5562579d100

  • SHA1

    61a249df0a3ce1849b7047e252a323c9f26e44c4

  • SHA256

    8077c458cca5d446d5699c86d18cd2ed03507f59ab09582a1147e17291f33c65

  • SHA512

    89c4335aafa72a286b34460790abe4aa9e035db269f9b5e451a85c98326aa87b31d60a6742125011a54f421283e11cc5cf56d7fccfdcdff95d36dac21abec556

  • SSDEEP

    6144:Af+BLtABPDOpJTNN6eTSUdZ/pOlYeJqlA1D0FkB:ppYSSUdZ/olYet1DHB

Malware Config

Extracted

Family

44caliber

C2

https://discord.com/api/webhooks/915691701547446283/wUW0ZMfS9Ea3nfJC3GBW1nyVurXzKmQnFhIAcuEwGucZF2JJhh8YakLcl2RpJb6iFOek

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\Robux.exe
    "C:\Users\Admin\AppData\Local\Temp\Robux.exe"
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:2480

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\ProgramData\44\Process.txt

    Filesize

    431B

    MD5

    19655056046947daaab3f22aefdb20e7

    SHA1

    01ac49cca7b320b87fd351fa9c2a44ef056b3bee

    SHA256

    8c914264ed02e4435433caacef3092a5369e7b46aade13e4b58b889768a4aef9

    SHA512

    0f8975c7416bb72f52a9131482222abc444531e1a9b6a251dbae587f80efa3fb39240365d624dc5579542b80244d5e2b697aba64c87027b9cdeaac9e0c91dd35

  • memory/2480-0-0x000007FEF5BE3000-0x000007FEF5BE4000-memory.dmp

    Filesize

    4KB

  • memory/2480-1-0x0000000000FB0000-0x0000000000FFA000-memory.dmp

    Filesize

    296KB

  • memory/2480-13-0x000007FEF5BE0000-0x000007FEF65CC000-memory.dmp

    Filesize

    9.9MB

  • memory/2480-53-0x000007FEF5BE0000-0x000007FEF65CC000-memory.dmp

    Filesize

    9.9MB