Overview

overview

5

Static

static

1

version-2f...er.exe

windows7-x64

1

version-2f...er.exe

windows10-2004-x64

1

version-2f...ta.dll

windows7-x64

1

version-2f...ta.dll

windows10-2004-x64

5

version-2f...ta.exe

windows7-x64

1

version-2f...ta.exe

windows10-2004-x64

5

version-2f...er.dll

windows7-x64

1

version-2f...er.dll

windows10-2004-x64

1

version-2f...ler.js

windows7-x64

3

version-2f...ler.js

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 23:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    version-2f99b302154c4478/RobloxPlayerBeta.exe

  • Size

    87.1MB

  • MD5

    9df96115b99e6b6e4b7a27e8810032de

  • SHA1

    9a40772189129e2c782ffe9d024cfd69310b488d

  • SHA256

    cf9c3426724b5219949d59cda4fab86294ad95769562cf882a6d31f97501a607

  • SHA512

    906400f9d76b2717b653c4e054db5e91bd4a0e70584f21447b8ccbc8a9b176fc48247affd05c4543185842dbed93b93bff928b59aea4b94b6a7afa0b88d6ec48

  • SSDEEP

    1572864:Tf2eZ40m1pCicEYeqhHF8kxd7Q6870H7kPwwrEBjxUUn6nRdYgx:TdxIpCiFu5F8kxJJG0H4Pw0EBjxNu

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 18 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\version-2f99b302154c4478\RobloxPlayerBeta.exe
    "C:\Users\Admin\AppData\Local\Temp\version-2f99b302154c4478\RobloxPlayerBeta.exe"
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of UnmapMainImage
    PID:5112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/5112-1-0x00007FFA15B70000-0x00007FFA15B71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5112-0-0x000001D0D59F0000-0x000001D0D59F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5112-2-0x00007FFA15AD0000-0x00007FFA15CC5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/5112-8-0x00007FFA15C30000-0x00007FFA15C60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-7-0x00007FFA15C30000-0x00007FFA15C60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-6-0x00007FFA15BE0000-0x00007FFA15BF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-5-0x00007FFA15BE0000-0x00007FFA15BF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-4-0x00007FFA15AD0000-0x00007FFA15AE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-3-0x00007FFA15AD0000-0x00007FFA15AE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-9-0x00007FFA15C30000-0x00007FFA15C60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-25-0x00007FFA13550000-0x00007FFA13560000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-59-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-65-0x00007FFA13810000-0x00007FFA13832000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5112-64-0x00007FFA13810000-0x00007FFA13832000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5112-63-0x00007FFA13810000-0x00007FFA13832000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5112-62-0x00007FFA13810000-0x00007FFA13832000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5112-61-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-60-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-58-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-57-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-56-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-66-0x00007FFA13810000-0x00007FFA13832000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5112-54-0x00007FFA133B0000-0x00007FFA133D6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/5112-53-0x00007FFA133B0000-0x00007FFA133D6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/5112-52-0x00007FFA133B0000-0x00007FFA133D6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/5112-51-0x00007FFA133B0000-0x00007FFA133D6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/5112-50-0x00007FFA133B0000-0x00007FFA133D6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/5112-49-0x00007FFA13380000-0x00007FFA13390000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-48-0x00007FFA13380000-0x00007FFA13390000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-47-0x00007FFA13280000-0x00007FFA13290000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-46-0x00007FFA13280000-0x00007FFA13290000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-45-0x00007FFA14160000-0x00007FFA1416B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/5112-44-0x00007FFA14160000-0x00007FFA1416B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/5112-43-0x00007FFA14160000-0x00007FFA1416B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/5112-42-0x00007FFA14160000-0x00007FFA1416B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/5112-41-0x00007FFA14160000-0x00007FFA1416B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/5112-40-0x00007FFA14140000-0x00007FFA14150000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-39-0x00007FFA14140000-0x00007FFA14150000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-38-0x00007FFA13E60000-0x00007FFA13E6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5112-37-0x00007FFA13E60000-0x00007FFA13E6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5112-36-0x00007FFA13E60000-0x00007FFA13E6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5112-35-0x00007FFA13E60000-0x00007FFA13E6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5112-34-0x00007FFA13E60000-0x00007FFA13E6E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/5112-32-0x00007FFA13DB0000-0x00007FFA13DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-55-0x00007FFA138F0000-0x00007FFA13917000-memory.dmp

    Filesize

    156KB

    Download

  • memory/5112-33-0x00007FFA13DB0000-0x00007FFA13DC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-30-0x00007FFA136C0000-0x00007FFA136F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-29-0x00007FFA136C0000-0x00007FFA136F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-28-0x00007FFA136C0000-0x00007FFA136F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-27-0x00007FFA136C0000-0x00007FFA136F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-26-0x00007FFA136C0000-0x00007FFA136F0000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-24-0x00007FFA13550000-0x00007FFA13560000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-23-0x00007FFA13440000-0x00007FFA13450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-22-0x00007FFA13440000-0x00007FFA13450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-21-0x00007FFA155E0000-0x00007FFA155F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-20-0x00007FFA155E0000-0x00007FFA155F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-19-0x00007FFA155E0000-0x00007FFA155F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-18-0x00007FFA155E0000-0x00007FFA155F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-17-0x00007FFA155E0000-0x00007FFA155F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-16-0x00007FFA155C0000-0x00007FFA155D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-15-0x00007FFA155C0000-0x00007FFA155D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-14-0x00007FFA15530000-0x00007FFA15540000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-13-0x00007FFA15530000-0x00007FFA15540000-memory.dmp

    Filesize

    64KB

    Download

  • memory/5112-12-0x00007FFA15CC0000-0x00007FFA15CC5000-memory.dmp

    Filesize

    20KB

    Download

  • memory/5112-11-0x00007FFA15C30000-0x00007FFA15C60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-10-0x00007FFA15C30000-0x00007FFA15C60000-memory.dmp

    Filesize

    192KB

    Download

  • memory/5112-31-0x00007FFA15AC0000-0x00007FFA15AC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5112-85-0x00007FFA15B70000-0x00007FFA15B71000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5112-84-0x000001D0D59F0000-0x000001D0D59F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5112-86-0x00007FFA15AD0000-0x00007FFA15CC5000-memory.dmp

    Filesize

    2.0MB

    Download