b38d83d7af1e28dda777941a4954101117904b923986673c07dc7512eab169c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Roblox-Player.exe
Size

2.8MB
Sample

231013-vshplaec92
MD5

b175580da5bae576bf2fcb6b5d096f70
SHA1

230d1e14536bdcb5138343edffd4d52b4195e72c
SHA256

b38d83d7af1e28dda777941a4954101117904b923986673c07dc7512eab169c6
SHA512

3f065c5d53df4113e6438d1154cff6d26416a30f00ddb5633d5a866495d19d0d6f236e219fb2c46791cb5492fcea9f2b3923ea32fc2efb09c63ed9092b63a663
SSDEEP

49152:fVkTZfUzAOOaGBSmY5uqPFCH684GXupzdV2yYx6I1WfK8YKwnTZMOZIh0sPJz:NkT5UzAxt3Y5hPYIJV2y26TdYKwTER

Score

7^/10

Malware Config

Targets

- Target
  
  Roblox-Player.exe
- Size
  
  2.8MB
- MD5
  
  b175580da5bae576bf2fcb6b5d096f70
- SHA1
  
  230d1e14536bdcb5138343edffd4d52b4195e72c
- SHA256
  
  b38d83d7af1e28dda777941a4954101117904b923986673c07dc7512eab169c6
- SHA512
  
  3f065c5d53df4113e6438d1154cff6d26416a30f00ddb5633d5a866495d19d0d6f236e219fb2c46791cb5492fcea9f2b3923ea32fc2efb09c63ed9092b63a663
- SSDEEP
  
  49152:fVkTZfUzAOOaGBSmY5uqPFCH684GXupzdV2yYx6I1WfK8YKwnTZMOZIh0sPJz:NkT5UzAxt3Y5hPYIJV2y26TdYKwTER
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2