Overview

overview

10

Static

static

10

freerobux.exe

windows10-1703-x64

7

freerobux.exe

windows7-x64

7

freerobux.exe

windows10-2004-x64

7

freerobux.exe

windows11-21h2-x64

7

Resubmissions

17-05-2024 20:27

240517-y8h7vahe2y 10

17-05-2024 19:38

240517-ycv7jafe59 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    freerobux.exe

  • Size

    19.6MB

  • Sample

    240517-ycv7jafe59

  • MD5

    ed049eea7dd42a25d83dd75c377294a0

  • SHA1

    52b75bc55d1bb28dd3ae6a016de961d4f543ba9b

  • SHA256

    fa295367c659cffaa8b33f0a2877a8a3385711c1e0b99672e8268a789a8eb976

  • SHA512

    776c910108258e5f95e5d4753383a199a952f721eec1e5c7b8381c5e45261e458a52615bf5a4e148259a3866e8b6d368796ea62cd60841263646180a2efca10b

  • SSDEEP

    393216:/QtsFr7M5livQETSTvJQnqOqK8/7zdCRd7W:/QtsB7M5lmQEWThQhoU

Score
10/10
crealstealerpyinstallerspywarestealer

Malware Config

Targets

    • Target

      freerobux.exe

    • Size

      19.6MB

    • MD5

      ed049eea7dd42a25d83dd75c377294a0

    • SHA1

      52b75bc55d1bb28dd3ae6a016de961d4f543ba9b

    • SHA256

      fa295367c659cffaa8b33f0a2877a8a3385711c1e0b99672e8268a789a8eb976

    • SHA512

      776c910108258e5f95e5d4753383a199a952f721eec1e5c7b8381c5e45261e458a52615bf5a4e148259a3866e8b6d368796ea62cd60841263646180a2efca10b

    • SSDEEP

      393216:/QtsFr7M5livQETSTvJQnqOqK8/7zdCRd7W:/QtsB7M5lmQEWThQhoU

    Score
    7/10
    spywarestealer

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks