General
Target: RobloxSYN.exe.bin
Size: 14.7MB
Sample: 211013-cx45aadcek
MD5: bcdcfae9a899b140f7687b95eaaf7122
SHA1: 12388fdb26324c23cfa970345cf7ce7182432865
SHA256: bd88392632a744b882a1aef098c863cf01d429641d6a79509923498ebd93aab4
SHA512: 8c917e9cd5e25ad580a74958f6b8ec9847e5bd0467344378c860778b10ff0b2f23a387eec1205aadb0590db1bf52f85bc78094cd505658d68d4c7fb39cd82f69
Static task: static1
Behavioral task: behavioral1
Sample: RobloxSYN.exe.bin.exe
Resource: win7-ja-20210920
Behavioral task: behavioral2
Sample: RobloxSYN.exe.bin.exe
Resource: win10-en-20210920
Malware Config
Targets
Target: RobloxSYN.exe.bin
Score: 8/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.