93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f | Triage

Resubmissions

11-04-2024 08:34

240411-kgehpafg35 8

11-04-2024 08:33

240411-kf74lsfg27 7

11-04-2024 08:33

240411-kft7raah3s 8

10-04-2024 18:10

240410-wr2lraff25 10

Sharing

General

Target

RobloxPlayerLauncher.exe
Size

1.6MB
Sample

240411-kf74lsfg27
MD5

df3c89248671866cfb9e0a407fad20b4
SHA1

2258e20671e6aaba8ce75abb5bc5bca8c4df0035
SHA256

93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f
SHA512

f6658f2653aefebc573518773c97319d87d70cabeb182cd622a5722d4df0417df17318f4b25b7929ab03e982a072e914175971b96e205356c5c6a23a3fedaf01
SSDEEP

49152:NmAhTN2Q5MmBRS+qYNS2+3njUrG+TvamoGXtTOgM7PMQpdAUFTHrPHHoV5N:gAhTkyZBdM2+3njUmrPHA

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  RobloxPlayerLauncher.exe
- Size
  
  1.6MB
- MD5
  
  df3c89248671866cfb9e0a407fad20b4
- SHA1
  
  2258e20671e6aaba8ce75abb5bc5bca8c4df0035
- SHA256
  
  93580834e65af2f5a83aacef47a1ec3ef45fc6ab9683ec4df771bbea713ab38f
- SHA512
  
  f6658f2653aefebc573518773c97319d87d70cabeb182cd622a5722d4df0417df17318f4b25b7929ab03e982a072e914175971b96e205356c5c6a23a3fedaf01
- SSDEEP
  
  49152:NmAhTN2Q5MmBRS+qYNS2+3njUrG+TvamoGXtTOgM7PMQpdAUFTHrPHHoV5N:gAhTkyZBdM2+3njUmrPHA
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan