07025b2e0e775cdb2540ac7f4ba53d4697eae2bc3167274c10dd5258cd99371d | Triage

Submit
Reports

Overview

overview

8

Static

static

1

skibidi_co...e.rbxl

windows7-x64

3

skibidi_co...e.rbxl

windows10-2004-x64

8

Resubmissions

29-04-2024 16:53

240429-vd64msff34 8

Sharing

General

Target

skibidi_copy_off_game.rbxl
Size

3.4MB
Sample

240429-vd64msff34
MD5

6b3b0755a3061008bfe8894901f97956
SHA1

1d6f9f911d5198195945734f0926b374d9bbc416
SHA256

07025b2e0e775cdb2540ac7f4ba53d4697eae2bc3167274c10dd5258cd99371d
SHA512

705e2aaa6d3677a104c0e0d3a9f5f2db355f252c74270da9e3692a1c7a1e555c3b9abcb27dc65c48911448318df3e53a15d557764c41149ae54ed97c39a2a162
SSDEEP

49152:m6IOzVAz4eJYVxpTlTeUnKHavU+jQ+4HDeGChDAjSb0lc5LEb3:m6I4+9QlKGUOQ+4jGAjSb7I3

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

skibidi_copy_off_game.rbxl

Resource

win7-20240221-en

windows7-x64

4 signatures

600 seconds

Behavioral task

behavioral2

Sample

skibidi_copy_off_game.rbxl

Resource

win10v2004-20240426-en

discovery evasion persistence trojan

windows10-2004-x64

28 signatures

600 seconds

Malware Config

Targets

- Target
  
  skibidi_copy_off_game.rbxl
- Size
  
  3.4MB
- MD5
  
  6b3b0755a3061008bfe8894901f97956
- SHA1
  
  1d6f9f911d5198195945734f0926b374d9bbc416
- SHA256
  
  07025b2e0e775cdb2540ac7f4ba53d4697eae2bc3167274c10dd5258cd99371d
- SHA512
  
  705e2aaa6d3677a104c0e0d3a9f5f2db355f252c74270da9e3692a1c7a1e555c3b9abcb27dc65c48911448318df3e53a15d557764c41149ae54ed97c39a2a162
- SSDEEP
  
  49152:m6IOzVAz4eJYVxpTlTeUnKHavU+jQ+4HDeGChDAjSb0lc5LEb3:m6I4+9QlKGUOQ+4jGAjSb7I3
Score

8^/10

discovery evasion persistence trojan
- Downloads MZ/PE file
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy