General
Target: RobloxPlayerBeta.exe
Size: 25.6MB
Sample: 240426-w32e5aad6s
MD5: 3e0f6d12e33e51431d1fd6d99afa708b
SHA1: c32952f80f37448aab5bc2e9c34feda6a1189c1f
SHA256: 39ca0b527bd981b814221cb85c701096679865330fa9dad8e7c581815c32c62a
SHA512: c4df7517b7570c6bba1a5708ad0723edaac96919f3ed0ebf0408b2c59e02776761008dc84b4fa3a6ac23175711dc94bab4032d9713a84339d9505c53e1189688
SSDEEP: 393216:Nh9SCD5WyGh2Jp5MLurEUWj77aRE4UK1vAYEuK+:P9fTGhpdbXaRt19K+

Behavioral task: behavioral1
Sample: RobloxPlayerBeta.exe
Resource: win10v2004-20240419-en

Behavioral task: behavioral2
Sample: RobloxPlayerBeta.pyc
Resource: win10v2004-20240419-en

Targets
Target: RobloxPlayerBeta.exe
Score: 7/10
Loads dropped DLL
Drops desktop.ini file(s)
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.

Target: RobloxPlayerBeta.pyc
Size: 45KB
MD5: 04874703899f3795772623d4baa7f20e
SHA1: 60db20b2b60c9d411499133abfd6f098c3d331b4
SHA256: 8bea6a4afec6a7dc90e24e9f20f353cdbfa44de31455265efc6a53dcc630bc4b
SHA512: 295ffd69b943817e97533294fb6ba2ed4292fdfb0edf7653c56ac4281bc87e580a3a7ad686e75648bfa10a3d82bf84fb863542773c7d6e01182ac126bd0c1f80
SSDEEP: 768:n9JWOwURKWmGZvo8DYPzQ0o9pTxyfPDRZe70Dc+35Ovw8fShrxeW3gMJbDlhLx3u:n9JW01mcvaP80idxyfFMSc+35Ovw8fSu
Score: 3/10