General

  • Target

    Roblox_Optimizer.exe

  • Size

    133.1MB

  • Sample

    240424-zfb4hahc76

  • MD5

    c6d9f5f763768c335c65f8b23bafe043

  • SHA1

    83ab9eddace5626c69f7b8bdb19e98bd97dc35ea

  • SHA256

    fb5ee85a1223aac5ab864ab937169da1ec66b76a4396fe271cc6ee47fbfc970f

  • SHA512

    27dec4f32594fb808bd589af00b513dfd2f4231574b0eba1c082f1cc1f2264bfd64d7342d074b415cf908eabdc1678a605f7645a17efbcce96ef769f5596330f

  • SSDEEP

    3145728:Yx5qISK9jJeNm11tPkonP1LQqIVwkh0aU/1Bx5qISK9jJeNm11tPkonP1LQqIVwF:wFStk11tM2PRQrmsubFStk11tM2PRQrE

Score
8/10

Targets

    • Target

      Roblox_Optimizer.exe

    Score
    8/10
    • Blocklisted process makes network request

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • An obfuscated cmd.exe command-line is typically used to evade detection.
