Overview

overview

7

Static

static

3

RobloxPlayerBeta.exe

windows10-2004-x64

7

RobloxPlayerBeta.pyc

windows10-2004-x64

3

Resubmissions

26-04-2024 18:27

240426-w32e5aad6s 7

26-04-2024 01:22

240426-bq89zsgg9x 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RobloxPlayerBeta.exe

  • Size

    25.6MB

  • Sample

    240426-w32e5aad6s

  • MD5

    3e0f6d12e33e51431d1fd6d99afa708b

  • SHA1

    c32952f80f37448aab5bc2e9c34feda6a1189c1f

  • SHA256

    39ca0b527bd981b814221cb85c701096679865330fa9dad8e7c581815c32c62a

  • SHA512

    c4df7517b7570c6bba1a5708ad0723edaac96919f3ed0ebf0408b2c59e02776761008dc84b4fa3a6ac23175711dc94bab4032d9713a84339d9505c53e1189688

  • SSDEEP

    393216:Nh9SCD5WyGh2Jp5MLurEUWj77aRE4UK1vAYEuK+:P9fTGhpdbXaRt19K+

Score
7/10
pyinstallerupx

Malware Config

Targets

    • Target

      RobloxPlayerBeta.exe

    • Size

      25.6MB

    • MD5

      3e0f6d12e33e51431d1fd6d99afa708b

    • SHA1

      c32952f80f37448aab5bc2e9c34feda6a1189c1f

    • SHA256

      39ca0b527bd981b814221cb85c701096679865330fa9dad8e7c581815c32c62a

    • SHA512

      c4df7517b7570c6bba1a5708ad0723edaac96919f3ed0ebf0408b2c59e02776761008dc84b4fa3a6ac23175711dc94bab4032d9713a84339d9505c53e1189688

    • SSDEEP

      393216:Nh9SCD5WyGh2Jp5MLurEUWj77aRE4UK1vAYEuK+:P9fTGhpdbXaRt19K+

    Score
    7/10
    upx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Drops desktop.ini file(s)

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

    • Target

      RobloxPlayerBeta.pyc

    • Size

      45KB

    • MD5

      04874703899f3795772623d4baa7f20e

    • SHA1

      60db20b2b60c9d411499133abfd6f098c3d331b4

    • SHA256

      8bea6a4afec6a7dc90e24e9f20f353cdbfa44de31455265efc6a53dcc630bc4b

    • SHA512

      295ffd69b943817e97533294fb6ba2ed4292fdfb0edf7653c56ac4281bc87e580a3a7ad686e75648bfa10a3d82bf84fb863542773c7d6e01182ac126bd0c1f80

    • SSDEEP

      768:n9JWOwURKWmGZvo8DYPzQ0o9pTxyfPDRZe70Dc+35Ovw8fShrxeW3gMJbDlhLx3u:n9JW01mcvaP80idxyfFMSc+35Ovw8fSu

    Score
    3/10
    behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks