General
Target: Roblox_MU.exe
Size: 15.4MB
Sample: 231123-sajstsbb9v
MD5: ca6786492583a7da62c55c8d84b43e7d
SHA1: aca9692f61608c133ddab0e70bd256905c13fd75
SHA256: 0d6a6a819635f31e4b64ed326b9f75ad72ebd0dd769bc6ba1b12c11510edd396
SHA512: 1a8b5e25de55f8bdc046fbcc5096c81fd89ca46db46f50b66ba31fbaa69c960d91bf9ae6dff2749752fbb3e3cc95f7d0106e573542194cea6bb530d46b1a9086
SSDEEP: 393216:yWvz+XOVzOwKlICtL+9qzTfgD7fEUyIWaJOO0WCWLu:Tz+XOxO4A+9q/fq7fEbIMVWLu
Behavioral task: behavioral1
Sample: Roblox_MU.exe
Resource: win7-20231023-en
Malware Config
Targets
Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.