Resubmissions

05-01-2024 22:33

240105-2gm89sdaf6 7

General

  • Target

    RobloxBypass.exe

  • Size

    71.1MB

  • Sample

    240105-2gm89sdaf6

  • MD5

    9e95bdb9e2f8001df8d7330adb2b4657

  • SHA1

    461b60365d6ec8a4d0f1f2c919d9eb432a7910f5

  • SHA256

    231db8c5bd5ef7d4cb88c79b8bd5211e81f3c61346a0c0a4616796171364f6de

  • SHA512

    88a8c9b9a53a7c1c00c373be07155664d0d7f0c66f964a90a03f73b6e31f257c1c4fdc6249b547fc036cf57cb2c3d888b7f2ebb4e7e4e170f47b64a201fafcf0

  • SSDEEP

    1572864:I4/4rzOchPGYaKOFlRNhENefeXjFomgXyNkKnSTxT3d3AkZ30GB7:rkqcdGYYLbeOAKmCGkySTVJAYkGB7

Score
7/10

Malware Config

Targets

    • Target

      RobloxBypass.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Matrix ATT&CK v13

Discovery

System Information Discovery

2
T1082

Process Discovery

1
T1057

Collection

Data from Local System

1
T1005

Tasks