1ec6cb9514a55bd2b967d767f2fa5416c4cc8eec3723e4c28f52fdacb1207d76

Submit
Reports

Overview

overview

Static

static

Roblox Arc...t).apk

android-9-x86

SourceSans...ck.ttf

windows7-x64

SourceSans...ck.ttf

windows10-2004-x64

SourceSans...ld.ttf

windows7-x64

SourceSans...ld.ttf

windows10-2004-x64

SourceSans...ht.ttf

windows7-x64

SourceSans...ht.ttf

windows10-2004-x64

SourceSans...ar.ttf

windows7-x64

SourceSans...ar.ttf

windows10-2004-x64

SourceSans...ld.ttf

windows7-x64

SourceSans...ld.ttf

windows10-2004-x64

cacert.pem

windows7-x64

cacert.pem

windows10-2004-x64

fingerprint.txt

windows7-x64

fingerprint.txt

windows10-2004-x64

main.1.com...nt.zip

windows7-x64

main.1.com...nt.zip

windows10-2004-x64

ExtraConte..._1.png

windows7-x64

ExtraConte..._1.png

windows10-2004-x64

ExtraConte..._2.png

windows7-x64

ExtraConte..._2.png

windows10-2004-x64

ExtraConte..._3.png

windows7-x64

ExtraConte..._3.png

windows10-2004-x64

ExtraConte..._4.png

windows7-x64

ExtraConte..._4.png

windows10-2004-x64

ExtraConte..._5.png

windows7-x64

ExtraConte..._5.png

windows10-2004-x64

ExtraConte..._6.png

windows7-x64

ExtraConte..._6.png

windows10-2004-x64

ExtraConte..._7.png

windows7-x64

ExtraConte..._7.png

windows10-2004-x64

ExtraConte..._1.png

windows7-x64

Analysis

max time kernel
119s
max time network
132s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11/10/2023, 18:59

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Roblox Arceus X V3 BETA RELEASE(arceusx.net).apk

Resource

android-x86-arm-20230831-en

evasion

android-9-x86

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

SourceSansPro-Black.ttf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

SourceSansPro-Black.ttf

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

SourceSansPro-Bold.ttf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

SourceSansPro-Bold.ttf

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

SourceSansPro-Light.ttf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

SourceSansPro-Light.ttf

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

SourceSansPro-Regular.ttf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

SourceSansPro-Regular.ttf

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

SourceSansPro-Semibold.ttf

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

SourceSansPro-Semibold.ttf

Resource

win10v2004-20230915-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

cacert.pem

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral13

Sample

cacert.pem

Resource

win10v2004-20230915-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

fingerprint.txt

Resource

win7-20230831-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

fingerprint.txt

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

main.1.com.roblox.client.zip

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

main.1.com.roblox.client.zip

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_1.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_1.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_2.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_2.png

Resource

win10v2004-20230915-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_3.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_3.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_4.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_4.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral26

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_5.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_5.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral28

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_6.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_6.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_7.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_1x_7.png

Resource

win10v2004-20230915-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

ExtraContent/LuaPackages/Packages/_Index/UIBlox/UIBlox/App/ImageSet/ImageAtlas/img_set_2x_1.png

Resource

win7-20230831-en

windows7-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

SourceSansPro-Black.ttf
Size

144KB
MD5

87dc85e3e9a6074a802e9e3d5838d492
SHA1

dd37654546cc7f8247066b3615c700ae0d6bc6e8
SHA256

79d2b0ee70a30cae611bb9cbbc9a473491c0f8a416f4a5c085ae3a4daa171381
SHA512

6a6d44979a82cde5d2fe1ee12cbeb50ae0f7c7a26e4e4bf7f3bc8da61f0b5390e085bead40ccdb2e4bfb7a97c79bc7cda92c2579227d56c4de8e0466fd30d8ce
SSDEEP

1536:x4w7z7lByvmK9VzcP8209Wqw1oaoSv5mKt9fq/M9jGUDUvrx3A:tX7y/9VYP8N+oAm/ZL6

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1236 wrote to memory of 2704	1236	cmd.exe	29
PID 1236 wrote to memory of 2704	1236	cmd.exe	29
PID 1236 wrote to memory of 2704	1236	cmd.exe	29

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\SourceSansPro-Black.ttf
1⤵
- Suspicious use of WriteProcessMemory
PID:1236
- C:\Windows\System32\fontview.exe
  "C:\Windows\System32\fontview.exe" C:\Users\Admin\AppData\Local\Temp\SourceSansPro-Black.ttf
  2⤵
  PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads