Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    Roblox_MU.exe

  • Size

    15.4MB

  • Sample

    231123-sajstsbb9v

  • MD5

    ca6786492583a7da62c55c8d84b43e7d

  • SHA1

    aca9692f61608c133ddab0e70bd256905c13fd75

  • SHA256

    0d6a6a819635f31e4b64ed326b9f75ad72ebd0dd769bc6ba1b12c11510edd396

  • SHA512

    1a8b5e25de55f8bdc046fbcc5096c81fd89ca46db46f50b66ba31fbaa69c960d91bf9ae6dff2749752fbb3e3cc95f7d0106e573542194cea6bb530d46b1a9086

  • SSDEEP

    393216:yWvz+XOVzOwKlICtL+9qzTfgD7fEUyIWaJOO0WCWLu:Tz+XOxO4A+9q/fq7fEbIMVWLu

Malware Config

Targets

    • Target

      Roblox_MU.exe

    • Size

      15.4MB

    • MD5

      ca6786492583a7da62c55c8d84b43e7d

    • SHA1

      aca9692f61608c133ddab0e70bd256905c13fd75

    • SHA256

      0d6a6a819635f31e4b64ed326b9f75ad72ebd0dd769bc6ba1b12c11510edd396

    • SHA512

      1a8b5e25de55f8bdc046fbcc5096c81fd89ca46db46f50b66ba31fbaa69c960d91bf9ae6dff2749752fbb3e3cc95f7d0106e573542194cea6bb530d46b1a9086

    • SSDEEP

      393216:yWvz+XOVzOwKlICtL+9qzTfgD7fEUyIWaJOO0WCWLu:Tz+XOxO4A+9q/fq7fEbIMVWLu

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks