General
-
Target
RobloxStudioLauncherBeta.exe
-
Size
1.7MB
-
Sample
230714-eeywnach7t
-
MD5
0d3ad3e8536c7fc109a6e0d7d0f4602f
-
SHA1
50b2854b85c719219eb90fea2b9840a679dbb951
-
SHA256
3cb2387973d95e8f14981163e2c4c99c1276d76aecd1799817bfea0b853c7dc0
-
SHA512
0f22959e4ca8cf3519ac7d0700daa57dcd96d847e111f1b68327fd2b136d622ebd0a1fb6449ab4bfc0acd864a57fd00faf02c0c2d05aeb900f411686638fe2aa
-
SSDEEP
49152:4Gd7ZRerhHUnGcy3pzM83MgIUwpsRX43TRaWapvM9T3YMoPMQ3dACETfA:4GBZRerhH4y3pzM83MgIe
Malware Config
Targets
-
-
Target
RobloxStudioLauncherBeta.exe
-
Size
1.7MB
-
MD5
0d3ad3e8536c7fc109a6e0d7d0f4602f
-
SHA1
50b2854b85c719219eb90fea2b9840a679dbb951
-
SHA256
3cb2387973d95e8f14981163e2c4c99c1276d76aecd1799817bfea0b853c7dc0
-
SHA512
0f22959e4ca8cf3519ac7d0700daa57dcd96d847e111f1b68327fd2b136d622ebd0a1fb6449ab4bfc0acd864a57fd00faf02c0c2d05aeb900f411686638fe2aa
-
SSDEEP
49152:4Gd7ZRerhHUnGcy3pzM83MgIUwpsRX43TRaWapvM9T3YMoPMQ3dACETfA:4GBZRerhH4y3pzM83MgIe
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-