General

  • Target

    RobloxStudioLauncherBeta.exe

  • Size

    4.8MB

  • Sample

    230930-nj2msacc98

  • MD5

    fdb04b4dd596699ea1b87af827b24f57

  • SHA1

    f2f8c1f94677f283018b155cb610bad2cf92d7f5

  • SHA256

    a6d5cb5d9bea3e2f83867de4aae16eca270e2e50c4a78ff341762d06f4125298

  • SHA512

    05daa8b99e2ad2f3e5c1f0d85786187c7115bee5cf28772c3daa73559b3294a9f9202f3ed1f17afc6c0fad88f3ecbd9a32567c4578dc856397ffb10e11c712a5

  • SSDEEP

    98304:KBvq54FqGwzhex8xkmH6Vgk4ZoNvXo/Bkhor1QNYJbhh/XXy7:AY4FqlzS88gATSQyJ/i

Malware Config

Targets

    • Target

      RobloxStudioLauncherBeta.exe

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Checks whether UAC is enabled

    • Drops desktop.ini file(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (refusing to run in certain regions).

    • Drops file in System32 directory
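The behaviour labels above are produced by signatures that key on specific registry and file-system touches. The script below is an added illustration (not the sandbox's own signature code) of how such labels are derived from raw telemetry: it runs a small set of rules over constructed Sysmon/Procmon-style events and emits the same labels this report lists. The registry paths (EnableLUA, Geo\Nation, Image File Execution Options) and browser profile paths are my assumptions about what each signature watches, and the sample events are constructed, not taken from this sample's trace.

```python
import re
from typing import Callable, Iterable

# Constructed telemetry, not from the report's trace: (event_kind, target).
# Kinds mirror what Sysmon/Procmon-style logging gives you.
SAMPLE_EVENTS = [
    ("reg_query", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"),
    ("reg_query", r"HKCU\Control Panel\International\Geo\Nation"),
    ("reg_set", r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\Debugger"),
    ("file_read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    ("file_write", r"C:\Windows\System32\update_helper.dll"),
    ("file_write", r"C:\Users\victim\Desktop\desktop.ini"),
    ("http_body", b"MZ\x90\x00\x03\x00\x00\x00"),
    ("file_write", r"C:\Users\victim\AppData\Local\Temp\stage2.exe"),  # matches nothing
]

# Assumed browser credential/cookie stores (Chromium family and Firefox).
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|cookies\.sqlite|key4\.db)$",
    re.IGNORECASE,
)


def _endswith(suffix: str) -> Callable[[object], bool]:
    """Case-insensitive path-suffix predicate for registry values and files."""
    return lambda t: isinstance(t, str) and t.lower().endswith(suffix.lower())


# (report label, event kind it applies to, predicate on the event target)
SIGNATURES = [
    ("Downloads MZ/PE file", "http_body",
     lambda t: isinstance(t, (bytes, bytearray)) and t[:2] == b"MZ"),
    ("Sets file execution options in registry", "reg_set",
     lambda t: isinstance(t, str) and "\\image file execution options\\" in t.lower()),
    ("Reads user/profile data of web browsers", "file_read",
     lambda t: isinstance(t, str) and BROWSER_DATA.search(t) is not None),
    ("Checks whether UAC is enabled", "reg_query",
     _endswith(r"\Policies\System\EnableLUA")),
    ("Drops desktop.ini file(s)", "file_write", _endswith(r"\desktop.ini")),
    ("Checks computer location settings", "reg_query",
     _endswith(r"\Control Panel\International\Geo\Nation")),
    ("Drops file in System32 directory", "file_write",
     lambda t: isinstance(t, str) and t.lower().startswith("c:\\windows\\system32\\")),
]


def match_signatures(events: Iterable[tuple]) -> dict:
    """Return {report label: [matching event targets]} for the given events."""
    hits: dict = {}
    for kind, target in events:
        for name, wanted_kind, pred in SIGNATURES:
            if kind == wanted_kind and pred(target):
                hits.setdefault(name, []).append(target)
    return hits


if __name__ == "__main__":
    for name, targets in match_signatures(SAMPLE_EVENTS).items():
        print(f"[+] {name}")
        for t in targets:
            print(f"      {t!r}")
```

Each label is gated on the event kind first, so a registry read of a browser path or an HTTP body that merely contains "MZ" mid-stream does not fire; that is the same reason sandbox signatures pair a behaviour with a particular API family rather than grepping the whole trace.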

MITRE ATT&CK Enterprise v15

Tasks