Overview

overview

8

Static

static

1

instalacio...ox.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    instalacion de roblox.exe

  • Size

    2.0MB

  • Sample

    230307-ah3a2agd64

  • MD5

    eaa7c4c1c95b9addfde5007f7d950391

  • SHA1

    2214dca2e8d2f5204a171524096786b2717088d3

  • SHA256

    8bdc4a080415af8c84897ad4b7c99b49834d690534cd1905c998d3668063791e

  • SHA512

    2aefb2493302283e4b3e7522708da784e28b24c18c38dca5b26a2c9b83839d8de2b8558c78d2db26d13fe93ba347810da10cc63727e31951d1351a54c46b2cfa

  • SSDEEP

    49152:20oO7pOph8nfCtHTnwa/gdV0ETGRMfPMQ3dSxtTX4b6PV/L:hH7p4h8nfCRQbYVD

Score
8/10
discoveryevasionspywarestealertrojan

Malware Config

Targets

    • Target

      instalacion de roblox.exe

    • Size

      2.0MB

    • MD5

      eaa7c4c1c95b9addfde5007f7d950391

    • SHA1

      2214dca2e8d2f5204a171524096786b2717088d3

    • SHA256

      8bdc4a080415af8c84897ad4b7c99b49834d690534cd1905c998d3668063791e

    • SHA512

      2aefb2493302283e4b3e7522708da784e28b24c18c38dca5b26a2c9b83839d8de2b8558c78d2db26d13fe93ba347810da10cc63727e31951d1351a54c46b2cfa

    • SSDEEP

      49152:20oO7pOph8nfCtHTnwa/gdV0ETGRMfPMQ3dSxtTX4b6PV/L:hH7p4h8nfCRQbYVD

    Score
    8/10
    discoveryevasionspywarestealertrojan

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks