Overview

overview

8

Static

static

1

RobloxPlay...er.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RobloxPlayerLauncher.exe

  • Size

    2.0MB

  • Sample

    230331-1cln7seh6s

  • MD5

    6b68f3be3850e9b2ac03bad9f4de5b88

  • SHA1

    57c59090e38d6e0128874ed93f53a4e3c65ee47b

  • SHA256

    159a30c008bb234af56a7c786cb5352e7b96dc62fac6b2ca2ea7fa75fc6841b7

  • SHA512

    de8b266ef96aec59987e025dfccd51d8bd91e7e4523c6bc4ccab73de5819b429033da773c1f155e98607d1d60bd63e1b07deca2b454493bd5b8122cc265bbeb7

  • SSDEEP

    49152:UUvIzhIhn1g5yca9e3j8ITYMao+8k1TymMYPMQ3dS/BTXsb6Hrvd:USnhn6yca9ezeEsbg

Score
8/10
discoveryevasionspywarestealertrojan

Malware Config

Targets

    • Target

      RobloxPlayerLauncher.exe

    • Size

      2.0MB

    • MD5

      6b68f3be3850e9b2ac03bad9f4de5b88

    • SHA1

      57c59090e38d6e0128874ed93f53a4e3c65ee47b

    • SHA256

      159a30c008bb234af56a7c786cb5352e7b96dc62fac6b2ca2ea7fa75fc6841b7

    • SHA512

      de8b266ef96aec59987e025dfccd51d8bd91e7e4523c6bc4ccab73de5819b429033da773c1f155e98607d1d60bd63e1b07deca2b454493bd5b8122cc265bbeb7

    • SSDEEP

      49152:UUvIzhIhn1g5yca9e3j8ITYMao+8k1TymMYPMQ3dS/BTXsb6Hrvd:USnhn6yca9ezeEsbg

    Score
    8/10
    discoveryevasionspywarestealertrojan

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops desktop.ini file(s)

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks