314f7cd8b2c6783b838ad33564290a5b8df59c862097017e84dd4221350b46fc

Analysis

max time kernel
13s
max time network
16s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
26/03/2025, 21:40

Target

RBX_tools.exe
Size

87.7MB
MD5

23580d90ce54df1f45bf6fbe99468c19
SHA1

608a2db6b048ea97f9dd0642b5c8a8cb4e27f26a
SHA256

314f7cd8b2c6783b838ad33564290a5b8df59c862097017e84dd4221350b46fc
SHA512

fe220a4c7a79e977324952fcadeaeec4d93f603dbf981c1b9b0f8e8c81fd60c305413b580921adbf7a542a37d138db40682df41b627128d57d22474bb9b3efd6
SSDEEP

1572864:OtIupudNK/lo3oWLP0OkiqOv8im2AuMVE7BliztxiYgj+h58sMw7Pl8cJ50R:tYoWeYMMOknOv8i3hMKwRD5vPb0

Score

7^/10

upx

Loads dropped DLL 1 IoCs

pid	Process
2740	RBX_tools.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/files/0x0003000000020ae9-1265.dat	upx
behavioral1/memory/2740-1267-0x000007FEF68A0000-0x000007FEF6E89000-memory.dmp	upx

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1148 wrote to memory of 2740	1148	RBX_tools.exe	28
PID 1148 wrote to memory of 2740	1148	RBX_tools.exe	28
PID 1148 wrote to memory of 2740	1148	RBX_tools.exe	28

C:\Users\Admin\AppData\Local\Temp\RBX_tools.exe
"C:\Users\Admin\AppData\Local\Temp\RBX_tools.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1148
- C:\Users\Admin\AppData\Local\Temp\RBX_tools.exe
  "C:\Users\Admin\AppData\Local\Temp\RBX_tools.exe"
  2⤵
  - Loads dropped DLL
  PID:2740

C:\Users\Admin\AppData\Local\Temp\_MEI11482\python311.dll

Filesize
1.6MB

MD5
ffd85743633296368dcc81c9ff0e8554

SHA1
ccf28c70bbf853dbd6cd258f59836f25774f1c34

SHA256
286483910be593ce685c0377463aa3250528fa22a08e1d38e831659ed81f12c1

SHA512
65b9baaf31abd0a71571c6567290fea86b986c6dba2f747cd24158226ef4a32af37ccf4ea461658c5822fda9de1525d8f4e19ed473c349c6d2db664d8d4c2b07

Download Submit
memory/2740-1267-0x000007FEF68A0000-0x000007FEF6E89000-memory.dmp

Filesize
5.9MB

Download