Overview

overview

3

Static

static

3

roblox/AMD...md.vbs

windows7-x64

1

roblox/AMD...md.vbs

windows10-2004-x64

1

roblox/Net...nt.dll

windows7-x64

1

roblox/Net...nt.dll

windows10-2004-x64

1

roblox/Net...nt.dll

windows7-x64

1

roblox/Net...nt.dll

windows10-2004-x64

1

roblox/Net...ry.dll

windows7-x64

1

roblox/Net...ry.dll

windows10-2004-x64

1

roblox/Net...PC.dll

windows7-x64

1

roblox/Net...PC.dll

windows10-2004-x64

1

roblox/aoc...ux.vbs

windows7-x64

1

roblox/aoc...ux.vbs

windows10-2004-x64

1

roblox/aoc...pp.pdf

windows7-x64

3

roblox/aoc...pp.pdf

windows10-2004-x64

3

roblox/aoc...sl.pdf

windows7-x64

3

roblox/aoc...sl.pdf

windows10-2004-x64

3

roblox/aoc...toc.js

windows7-x64

3

roblox/aoc...toc.js

windows10-2004-x64

3

roblox/aoc...r.html

windows7-x64

3

roblox/aoc...r.html

windows10-2004-x64

3

roblox/aoc...r.html

windows7-x64

3

roblox/aoc...r.html

windows10-2004-x64

3

roblox/aoc...lt.ps1

windows7-x64

3

roblox/aoc...lt.ps1

windows10-2004-x64

3

roblox/aoc...cm.vbs

windows7-x64

1

roblox/aoc...cm.vbs

windows10-2004-x64

1

roblox/clo...ll.ps1

windows7-x64

3

roblox/clo...ll.ps1

windows10-2004-x64

3

roblox/clo...-alive

ubuntu-18.04-amd64

1

roblox/clo...-alive

debian-9-armhf

1

roblox/clo...-alive

debian-9-mips

1

roblox/clo...-alive

debian-9-mipsel

1

Analysis

  • max time kernel
    122s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    05-08-2024 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    roblox/aocl-roblox-main/docs/styling/footer.html

  • Size

    2KB

  • MD5

    eb0d8c4cc76836c92ec83afcc706d2f3

  • SHA1

    3cecda5e1ed4eceda0d8dbc23a0454639d726d65

  • SHA256

    9f715cf0fd981f04e3728af040a6850f2d098c02fff263165527454bc68648a1

  • SHA512

    1a476a61d7fc3a3020b86fd918ec290d95ec76cf77f533d2f3f625059503d35c42f4d55b4b26e2a415feb64289e83b6dc40420074c38134e8b0b87b1b158aa87

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\roblox\aocl-roblox-main\docs\styling\footer.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2436 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6aa997c68d14147ca8b20f39e8e38f35

    SHA1

    e5ab914343db62c9c28121650360cbe0167ecc7a

    SHA256

    515317233b70a2590bddea3796f10c881788a3254f91c8a0157e1263f1763b97

    SHA512

    b98bc1a5f9088bfaa2a9a880e247c9e0fb2f1a88a6fc861e3e6636b9af715d360cf43e4cb9f79592ca7a534fe6da327ffb02a0be49fe0347f7e4abe92cd7070a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9338421cb8d37788484c1f6bed85dff6

    SHA1

    dc3c5137e86cc19d084e9dda08edf47d09bfe23b

    SHA256

    eb421243804304c4dfaeb04e0907949009acdd577abd8aea50fa915020576120

    SHA512

    f7208348d7629e18bfab8f8d018a0ac9a1ef15088533e9b7532a19545bfbbbb036bf42202c07dd1253b8d27c8e64db97530bdb2a7faac146debd1d19660b31e6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54be9893bbdfdf0c37f617ab4a0cc077

    SHA1

    7f6c5b2f88ef1422c942eb82a39db0238f7621ce

    SHA256

    eb3987072206bc21ea6047387b9e4044084576d089dc79f6b978424f21abb95d

    SHA512

    2614017631f3771c386b020195580338581ac6db71cf47e9c321a515a58468a309701ca07aad0851ffd757b18fc6ccd6adc4d7e0b004b448d54323ee9532d53f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f128c3f159993f900afd1d44e05ac0f5

    SHA1

    4a3af8c81f8153218e69fc7962c3991a5d1dc218

    SHA256

    9266bb8ec6cea288e0c66a53d3dfa4dd630cb7ee06bd1ca75ea7fd55a512d39b

    SHA512

    254fdf6a4edfe7ad3440f76d9c728b03f6d98bad7e1882582a1263516baa14dbe4c702250403a01ff812fea98196783b65c6dc2fe77dfe0cd8a8773f9f95ac9d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    899bdd1ce65510aaa0b3d59bb624735e

    SHA1

    e54d8eb4f84a914af735e1e19d0a4faa4a0c2a33

    SHA256

    6f966a42eb21f3e8fe46d6c39558de5710886a6f5f2da9672698642587a2a781

    SHA512

    6c1baf5a9abb6ab5bc4ade39a8b03ff03af88df9d08b1624b5fb90e46b340641ea2c1ffcde71b69c59436e37730b185905dd8801ce5f6caef415a75106ce8705

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dad4b5ba80c91f3c8d145ec2c9fe1c15

    SHA1

    ad0194d711710010a7738f4229d523914d3ffd34

    SHA256

    aab534a8d97cf6d9c8fae3a931a8a0b9c519f2cf698dade4a3b02241a6c9e7d7

    SHA512

    7c2a04a78c280582161d3c2d5562a648c3afc9436b27d4a5c4c9bddfb6e0d8c1411ee5af104c05f155fec24b13bba7db853e10b573c7f5d2862173c1ca02cfce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    52f82b1fde7460a797b92dc9ae02af95

    SHA1

    22bac8c2d6138b9e738a5c74b1961a9fb3943c3c

    SHA256

    5ebf64dc9ac837ad374bd28248e1fa409180e742e057277cbf999e19e09d7622

    SHA512

    c0ac1d39c915bb03c98dce60650e1d94e7bc315485a87d8cd471dedf5eb81dbe9dbec8e7b9ae0f1469944e907777e18c3afd6597c702ca0a2d635e5912488ce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    eb8f279a01e5cc3af866aa1ef7e328b2

    SHA1

    1af1d20205f12113e2625e84c5b48aebbb368bb6

    SHA256

    09f68a252f6707f2d6bcafe5a96ba21f52dcdaae749dc8fee57c5eb3c552cb96

    SHA512

    85cd23403ac647275a6832e506145977dd9f054ba2b218a1e5d2f259bfd49cc087897e441230c1c9b22efca693542ac1297c55a2aae1700a0c68400139d2d70b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    38945ce1c001f2c4776cd75757805ed8

    SHA1

    cce09c0b740b71d499c951a018aca86d944d4fc0

    SHA256

    bc103b605f8673a62c5c4d9185f3b5690dd4abe54913309655a19ed28894f9d2

    SHA512

    80774c23dce1ea37b0b577b2dc26b5428b5f6e56d149a41a03de88f1574eba9cb9236d76f2c25a0905eda75f1ebb100f37d129e71a15e7127ad5ccb369e2f6d9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7483e9678a28ab86d4175b6008f9ff56

    SHA1

    a40cd502437a63489df2ec27b0de329809c8e47e

    SHA256

    6fffcd92efdc2cd67881b26c0e5f36184666abf1189a4f34edb079654a35804d

    SHA512

    67f3962eb87e2bd99d4f53c6ed35fc384406b82f579f4d85f6537bc69f92b174693afddf908f7724d02764b2627f3ba89b730ab960f26e2ea6156dbc98d9d383

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71bffa0f8cecdc4ac1245f0078a66aab

    SHA1

    41459de61cbc065b8694671366f7a8a413fd15c2

    SHA256

    37ffe93f15c4aa8dde093958c1061bff9d6a3061d5e2d707c0ab8604f8bfc161

    SHA512

    730a8204150b279ffeb1c1a191cc1f514c3387271d7c59021a12f2052c4c78897c8027baf2abdc24e75109118e56dcfa817121d8c76efef89b5d8f289bd05cf2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9418086dc687a9ac64382590e97798f2

    SHA1

    5d206b3c6552d1b031e8e3786df885db55fa7b6d

    SHA256

    3e86172188c303b8f138c51e35060e621e122275d834347696ae09704fda15c9

    SHA512

    390b30e14943d8844f3683b92edf16dcc400593461d1ad25b4e992aefbba6c5591f86669331adb6a5d59b1d431bd7cc65c967a0f30e3deab2fbc068ffae9a44b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    79733c28136cb903bcf657c6126e70fc

    SHA1

    12412b4f742a2a9c9123f795096222f145619c90

    SHA256

    2c4f7a61793db56a0a62a42d9b95c349192a91f9fd81ad93297eb766675fea25

    SHA512

    8517186d76f7d2c3cd1b0fa6ff4cab937ddf88a29ce2f135eeff87987e224f16ac84783f31339ab288e177228ffc621656e56a5f7a55fd54c4826063b9c77e32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1070871ff1015c4faffa426cead4f233

    SHA1

    97a3ee4ec6c88c7fa08f4ab641e54e4a2740d22e

    SHA256

    862b4f672b37a06725117cde575a783c21db9e4c30e2b099c52c868c3b579502

    SHA512

    d5a8061ba21acf3aa692f05beba555261e43e6fa7b8c215a4db5622003737a7c2c9070b8f75a99433efe27fb2413a1bd7f8f6056afb3eb2bfabe0fe086c57984

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d279e1a7995bd755d35bd00926d52b72

    SHA1

    58e65e8150779204166b214e20770b713fe3884b

    SHA256

    bccfd2b78e7439474a399ce34749c38a8ee01aea5a86219db337a23e1120c153

    SHA512

    89767c5b9a4037c0952ed2338f62290e6bf83dc1a5c3ea06833815679d1dc7700f400dabada264aaabafa90f453fb611b5544013bd5a93f82b1482bce87d9a53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2b5432967291979938c04fe0bac52ccb

    SHA1

    684dc06934122be3490d7dfaabf5b4073528c017

    SHA256

    88a0995fc6f7c59fa74b8c2a8b1af4b1daefcdd816a4e2f873243aa8be70eae7

    SHA512

    2d829ef4e58ba135d69b3733922d16d82682a1182b0cabc0da9f12c6876ce4f2d7e9ce233c295a7ae6fb9b2cf4faf2771c305afe5d742eb9595dc5fa9d9280d2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    601d1cdde3f1e1d33fe620a363d94ff6

    SHA1

    2ebd61706ca940bc91eccf3b61aa28fe855edfbd

    SHA256

    3b83a4eb89d341f432b5611b12fac2e76ccde6f267156ef61c297c1109c3a22d

    SHA512

    f33a30f9206b0c04c8b0d3e6bd404a36ccf5b37c9c3933fb0d09eea7e4ac1c2f0ce9ee5977cbde66f0856568a70a106897c535198dac5bbe887dbde268178e92

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    59941fb844f8478c62ef2effbde369e4

    SHA1

    6e54cf1e36b939e4e05247294a3ff74e187f10e2

    SHA256

    b36421a8fa9c06972c87aa6d298c475550789e36a966b38afee8a5adc13ef9f8

    SHA512

    0444c208c4445bacaf06aea800091e2c3c63ab4ce00caf69277299c98bba0b87195705b6392eb7ed90549b276f44e7cb3ae4b4451a116671c7d026df6dfcf140

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62e555964db87d2463bcf6468aeb6de5

    SHA1

    7425bf3f13bc6848ed7778c5ef9e0d4158a70888

    SHA256

    f8360933a9e509d88b32d2667af5cd62f2eaa017df6ad6e294aba8c523feb59d

    SHA512

    37c3a166f92826edd91afe2b6046e1003558528cf484bf7cb36cbec3fde534d7b544cbec86b9aba98e9b6cf8b8b292d37162cc765dff55a2f72e60025a6ae262

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5D30.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5DEF.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit