General
Target: RobloxPlayerBeta.exe
Size: 19.5MB
Sample: 240509-e8qr5sba7t
MD5: 32867f068d628999a7f623687659e15a
SHA1: 677015cc479276eda4a8425ee92363faa5608f34
SHA256: c3edc1ea5fafff93c498a935e591ea3569582f63b04f3b8bbee10e59caf59826
SHA512: 66ce881dcb55d54ef97b32616b9437714a451a3ab039d086be5a35a12f60103440425a4d4053e19248672a0cd848819ef6bbd809ffa50fa83916ab9cd788ddec
SSDEEP: 196608:Whnc4ixZIxPW5SwLRXgWPmpzdhqiCeNsHFJMIDJ+gsAGKkR5QDT:5/5L1V8dxYFqy+gs15y
Behavioral task: behavioral1
Sample: RobloxPlayerBeta.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: RobloxPlayerBeta.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: RobloxPlayerBeta.exe
Score: 8/10
Modifies Windows Firewall
Loads dropped DLL
Looks up external IP address via web service
    Uses a legitimate IP lookup service to find the infected system's external IP.