General

  • Target

    RobloxBetaPlayer2.0.exe

  • Size

    111KB

  • MD5

    a300be606d019f3241cb6a5406ee7989

  • SHA1

    161df691fed16fce6c20e3be0c33b67231028686

  • SHA256

    d749a11285a3981f43988d3f74f07466c80e88fbcab4815974f5b0700096627a

  • SHA512

    7a4ea0f51284cb0195a93b50f3ff5b1437335b657e511b6cc3be3b5547efd9c0c51e1a212bb91d31a296af7290e3aefbc001458aa77f57f729dd24c3ac96fb88

  • SSDEEP

    1536:XbP2YHHLgAKZetquTtMZz7sb1hRQfm87OAsKhyWRys1uuHszeogDYid:ruwQSqeCwb1h2V7OA75I+uM8eoWJd

Score
10/10

Malware Config

Extracted

Family

xworm

C2

127.0.0.1:12550

2.tcp.eu.ngrok.io:12550

localhost:12550

178.129.64.21:12550

Attributes

  • Install_directory

    %AppData%

  • install_file

    Roblox2.0_Service.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • Xworm family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • RobloxBetaPlayer2.0.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
