0758eaf14b096b5c1204deab699870656e07a9bd81b7da92786eb44562417c53 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Robux_Generator.exe

windows10-2004-x64

7

Resubmissions

09-06-2023 19:32

230609-x87prsdb66 7

09-06-2023 19:31

230609-x8mpladh91 7

09-06-2023 19:22

230609-x3cx7sdb34 7

Sharing

General

Target

Robux_Generator.exe
Size

21.4MB
Sample

230609-x87prsdb66
MD5

118a8837aa2b77b08cc2006b0aeda73a
SHA1

82b2f9905e7fb1050997e70232aa5b0b5050549a
SHA256

0758eaf14b096b5c1204deab699870656e07a9bd81b7da92786eb44562417c53
SHA512

30ef17faaabf5c501de40bdad688750b2036d816de73ba45a7aab164e882f00e3513139c8e33f1a21076adad76ce53b1f9014aa248d3c1661c2f19191290751c
SSDEEP

393216:4xAlnfLFinVPm2QaFqyYgsSVXG0J3F1hkHzo8Y0D:9ljFinVPm2QR9SMou

Score

7^/10

pyinstaller spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Robux_Generator.exe

Resource

win10v2004-20230220-en

spyware stealer upx

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Targets

- Target
  
  Robux_Generator.exe
- Size
  
  21.4MB
- MD5
  
  118a8837aa2b77b08cc2006b0aeda73a
- SHA1
  
  82b2f9905e7fb1050997e70232aa5b0b5050549a
- SHA256
  
  0758eaf14b096b5c1204deab699870656e07a9bd81b7da92786eb44562417c53
- SHA512
  
  30ef17faaabf5c501de40bdad688750b2036d816de73ba45a7aab164e882f00e3513139c8e33f1a21076adad76ce53b1f9014aa248d3c1661c2f19191290751c
- SSDEEP
  
  393216:4xAlnfLFinVPm2QaFqyYgsSVXG0J3F1hkHzo8Y0D:9ljFinVPm2QR9SMou
Score

7^/10

spyware stealer upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

spywarestealerupx

© 2018-2024

Terms | Privacy