Resubmissions

14/06/2024, 22:09

240614-12wwgaxhjb 7

14/06/2024, 22:05

240614-1zq77sxgle 7

General

  • Target

    RobloxStudioModManager.exe

  • Size

    1.0MB

  • Sample

    240614-12wwgaxhjb

  • MD5

    1ece1bf83a1ba968df06fe49b23e3bf7

  • SHA1

    f0994bae65054625abb12e20df10927a9282b40d

  • SHA256

    d35915a18fe31820c021ec0c1e0e9b9ca50e3256c152930dcd5b5c3bd8c9d2a5

  • SHA512

    04d8dfa3e56cd61446207f8487f6a95e23ae9e9d641abd5b45206a380785156308fad965efc2f8d6f7ce85e23d2a2a3b27710750a6b4a7ff103e3457d8b8e048

  • SSDEEP

    12288:fNoFgEzDPOVaAubNoFgEQLkZdfrXg+JwuKt/S/60nda7E+zsNoYql:VDyD1ASD0fw+Jwz/S/62kAVG

Score
7/10

Targets

    • Target

      RobloxStudioModManager.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Legitimate hosting services abused for malware hosting/C2
