General
-
Target
RobloxPlayerLauncher.exe
-
Size
2.0MB
-
Sample
230328-jx2gqabe5z
-
MD5
88e64ec3895db7e1dadeb7e28a149642
-
SHA1
b566a1a6b0ee3b43488143c8ec3c69f4ca15d05c
-
SHA256
6408dbd08796f501baf4a67f98c859a6a581a41b1909a987b15e60d06f27fe26
-
SHA512
f723ab2546b6e91e0e3de90cc2bc0c32983fd9f307676a00caccadebdfab372f6889f0fca75d70a3dd39d875c0f2e40ee5a6d3b6130f99961d1f7b207a8b8fbb
-
SSDEEP
49152:GrihbF2YzW7juDDUrEC19YTl10auIyhhTxHMOPMQ3d2y7TMb64:84bF2P7jukrEWo1fbB
Malware Config
Targets
-
-
Target
RobloxPlayerLauncher.exe
-
Size
2.0MB
-
MD5
88e64ec3895db7e1dadeb7e28a149642
-
SHA1
b566a1a6b0ee3b43488143c8ec3c69f4ca15d05c
-
SHA256
6408dbd08796f501baf4a67f98c859a6a581a41b1909a987b15e60d06f27fe26
-
SHA512
f723ab2546b6e91e0e3de90cc2bc0c32983fd9f307676a00caccadebdfab372f6889f0fca75d70a3dd39d875c0f2e40ee5a6d3b6130f99961d1f7b207a8b8fbb
-
SSDEEP
49152:GrihbF2YzW7juDDUrEC19YTl10auIyhhTxHMOPMQ3d2y7TMb64:84bF2P7jukrEWo1fbB
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-