6edb725dd187a89987530e502a8b17bba1d38079e9d226fca734d5ae9e378c71 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

Artic X Ro...03.exe

windows10-2004-x64

8

Sharing

General

Target

Artic X Roblox Exploit V1.0.3B_56403.exe
Size

9.4MB
Sample

230919-xhhmysbc8y
MD5

231636ef3b0e6ec1a3847d24cb479875
SHA1

14d4f515f029b932c3ce040990f67323dbfeed46
SHA256

6edb725dd187a89987530e502a8b17bba1d38079e9d226fca734d5ae9e378c71
SHA512

d0a7da440f0ca6be153c57f3de5c383fd43580b9dec8a433000e4bc853a53ad77d2643a7e7ed0669767f57df583c687d76dc6e483614238e90279a0e1e8f43a9
SSDEEP

196608:jfjFb/8YLUNrqNzpOrymQ3bKfIiaNPFHNRsiK6e:LjFbE/NrqNgryL3bIIiEHMn6e

Score

8^/10

discovery spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

Artic X Roblox Exploit V1.0.3B_56403.exe

Resource

win10v2004-20230915-en

discovery spyware stealer upx

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  Artic X Roblox Exploit V1.0.3B_56403.exe
- Size
  
  9.4MB
- MD5
  
  231636ef3b0e6ec1a3847d24cb479875
- SHA1
  
  14d4f515f029b932c3ce040990f67323dbfeed46
- SHA256
  
  6edb725dd187a89987530e502a8b17bba1d38079e9d226fca734d5ae9e378c71
- SHA512
  
  d0a7da440f0ca6be153c57f3de5c383fd43580b9dec8a433000e4bc853a53ad77d2643a7e7ed0669767f57df583c687d76dc6e483614238e90279a0e1e8f43a9
- SSDEEP
  
  196608:jfjFb/8YLUNrqNzpOrymQ3bKfIiaNPFHNRsiK6e:LjFbE/NrqNgryL3bIIiEHMn6e
Score

8^/10

discovery spyware stealer upx
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks for any installed AV software in registry
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Process Discovery

Query Registry

Software Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealerupx

© 2018-2025

Terms | Privacy