Overview

overview

3

Static

static

3

roblox/AMD...md.vbs

windows7-x64

1

roblox/AMD...md.vbs

windows10-2004-x64

1

roblox/Net...nt.dll

windows7-x64

1

roblox/Net...nt.dll

windows10-2004-x64

1

roblox/Net...nt.dll

windows7-x64

1

roblox/Net...nt.dll

windows10-2004-x64

1

roblox/Net...ry.dll

windows7-x64

1

roblox/Net...ry.dll

windows10-2004-x64

1

roblox/Net...PC.dll

windows7-x64

1

roblox/Net...PC.dll

windows10-2004-x64

1

roblox/aoc...ux.vbs

windows7-x64

1

roblox/aoc...ux.vbs

windows10-2004-x64

1

roblox/aoc...pp.pdf

windows7-x64

3

roblox/aoc...pp.pdf

windows10-2004-x64

3

roblox/aoc...sl.pdf

windows7-x64

3

roblox/aoc...sl.pdf

windows10-2004-x64

3

roblox/aoc...toc.js

windows7-x64

3

roblox/aoc...toc.js

windows10-2004-x64

3

roblox/aoc...r.html

windows7-x64

3

roblox/aoc...r.html

windows10-2004-x64

3

roblox/aoc...r.html

windows7-x64

3

roblox/aoc...r.html

windows10-2004-x64

3

roblox/aoc...lt.ps1

windows7-x64

3

roblox/aoc...lt.ps1

windows10-2004-x64

3

roblox/aoc...cm.vbs

windows7-x64

1

roblox/aoc...cm.vbs

windows10-2004-x64

1

roblox/clo...ll.ps1

windows7-x64

3

roblox/clo...ll.ps1

windows10-2004-x64

3

roblox/clo...-alive

ubuntu-18.04-amd64

1

roblox/clo...-alive

debian-9-armhf

1

roblox/clo...-alive

debian-9-mips

1

roblox/clo...-alive

debian-9-mipsel

1

Analysis

  • max time kernel
    117s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    05/08/2024, 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    roblox/aocl-roblox-main/docs/styling/header.html

  • Size

    6KB

  • MD5

    30db13ef1b10d8480963848b88327537

  • SHA1

    e33b9a8def55cae36456bd3f62f4bf9db5bfaf72

  • SHA256

    9d8ddfd345e873219800c4661b50ed095844e9d2ce1f9bf1305c82e4e8cdacb9

  • SHA512

    4ec4844e3cc5d5e84336e71f66d5cf921d336ddd60afc56ebaefd3455ad5d7921d90c520e00b72c6c326373b143f8b6f4b0d5cd2c5156a91ad87271c0ce7c059

  • SSDEEP

    96:wdJxJzEkQ/3M3VWLJFTlGWJYxqQbp0fSBwNtFAg+/SQLte4P9Xsobv:wzHQx/3M3s2xqQV0fOIFq/LA4VX1L

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\roblox\aocl-roblox-main\docs\styling\header.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1972 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d1f5613db238224e938e575629b7f13a

    SHA1

    91abc9e6073a6c6037410d77a6f0500f19f40c45

    SHA256

    abc0dad127797abc79cc44ad30b97096652f547f888f4b15baa808d82a1bb61a

    SHA512

    56d2e1173622941eb073dca0cc9d4364c812585a11f33bc7b7236e70ab3e5cfffefb7b3ee5f14c3f06875d76b41e0fa9c252aec9e0466efe56415f89f6e56a54

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a4ebaee37041013815f92cf9db30d50

    SHA1

    821c048a6406c96a52a4eeebcbcb6e5e4ea0acc4

    SHA256

    b102b4fcba06f571247c44a529e6540ccf454d79299e286afd439bc9250edabf

    SHA512

    add676f96302707fe6943b437e17e9943d4467b01ad869389f20d889d623443f3605849298634f0bb3e2c00456df19b2b7a75aaa129d239188235a6727cb0b1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d8702877b613ca69b1e262c449b7f4bc

    SHA1

    5fd6eb58379dbcac2022e8a7fba239f23a0b6c7c

    SHA256

    e6a7a7a443bfb485b81f4d13744dc87e9f5fe4152853a8983eab346018611b07

    SHA512

    3421dee3b5c39361fb775757bbdf2d8080e6a10d84b4c6d9513cf1df60fb336329eb1109ea1a405a6a229b6e2427f123c8dff658aac275a732ecbaa3a14fc64b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a57ca941dcb2b99c686caaaa61ebf76

    SHA1

    38aef3502dfed78440d81016cbbd961fa0073f7e

    SHA256

    6a102871fa2e0739ff2156a55f57b4a9f8a8cf0c7a888736598d15e5573f04d5

    SHA512

    164f740b712d1b438feb92fd7ba7fbe02fe874547b819fbc0884b86912aa8c7f264c50252b379ee5fe7efcc8cca0b445745e11f665e334aa4e480b46595a36a5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9ad91f176bc137b0ca52630954157a66

    SHA1

    a9e6b4dc8fc2b43a8b57ead870657ee1a4a63e69

    SHA256

    11cd3010f98d5ffd5ad93bfe558773e2eb1d0bafd50a7f1cb7fe091fe5b9e09c

    SHA512

    be3c9f07c34baf3fff32644e2caae70e152e7c3b46f4112c44e55f4299b52e4e0e55ce914c7e14ee0316deea44abc3bf06fb6cbc3b491e6b06a8f8d36a747f0e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9282eead0e94551331ed402bedab2341

    SHA1

    d75ed41f09600f4b38defa2d8cc9c124d3663594

    SHA256

    e49d47f711c5a441c4fbbcbdb433077792361512e228d09a4b7234c8ffd2995b

    SHA512

    eee91973f60cbaa81718f028120e68c6aff51ec7e8cc1520b69ea10c0bf95b63bb493aae25a138158c7aada4935594e660838d9821dc6f3ca59fe6b1545c2e6f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f6706209d905b158be107cf27ac551fd

    SHA1

    a186889b08b4d4068101388ccb95edc2c95afbf4

    SHA256

    7f6af8a0b0d543535de46245ac37db19a0e50089ecffcb1b7ec2c131459944fb

    SHA512

    a1d9ae5c979f1ada9f4f388aef29210bea920990f8953e6eca7e17ef146b23960df19d9aaf2820325d2a080254d1ddea61e69aea1bed6b548c15a3629893e6c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9f69633e7af4f6bdf98a86bc3cb0a549

    SHA1

    529c46fc6f300d3a7f0abf535ccf778e2b37c01c

    SHA256

    ee991fc8a9d280e539e066325b98d2a314b66f987c170de154182b1d240cb348

    SHA512

    e63a8dd887bdc00bf909318c3c3887f699e9361a66e40a5e2f0db53dbe3c267483d4eebb449fa6ff46d5013ce5cf30e310695b0331cb73c6ed9a9ff0138de44a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f4fe6b02e02421354f205c1950ded9c7

    SHA1

    1a55f66966ae4b17498aef64c77d752c02165b8b

    SHA256

    758b7f7c3a655cfc7167de6ced60382ab19e15d5a6f8374655bd46042fcf856b

    SHA512

    9a64c1b1bc9706da3bb54da1c57b8e021c03d396d6e16eb43ac9728b5e8318992d1c4e9a1c0d3bbf115ed04a9d015eec7902131ea0f79d257472892c3549a25d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4ec88e479153fcffec29b310c1cb177b

    SHA1

    bcd8c3ec0db3371f5f9346e0cceb80ecc7e1ba6d

    SHA256

    b0841acdfaca95ef58f4621005cca674a4215197dba7eefbd16dc9095e92b9eb

    SHA512

    27d6b939737491d9362e70c213fed198d4453da242b0ae8304953001502cebaf1a9e971f2556f3c08d7284538b7a6203b1ccb9387bc945888a5fa65b93faccd0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    81cca0810e0d86b1c5d975966a732cb5

    SHA1

    cb25b2d677be38d68fb452b95d7577f311e1826f

    SHA256

    a1d06b083811dda2ea6ae008bc04dc8b334bc6a606c75e6a48e52bda713f74de

    SHA512

    20d27a89a0de00f66719fa7b54479337c850ae765d9b0495b6501ddb4743a70789aeedf1e5b4c60801c503f01e7fb04b7e54e96db0bbaad3811d8587785e2c61

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c29010b18241fbe807afbe38709a1378

    SHA1

    45a538ca59a147fa88f1e687c680fe92fd368c72

    SHA256

    2cf81a947ccdb6b6093c0085c80d947929ff69618cd8bbd74a173bf62009b750

    SHA512

    c05ab5ed0e65e2113f251541f585119464d8d53e5b3fa3c96e9a4ddb7c6e450a62de3f16b58a1199bad9dce96e727cd65ee2a34ec41c7acde589677a318792b4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    264ce1710a97b86782c7ad3ef2df23f0

    SHA1

    6feaee6052a0a0f0a1f2dec0d702e47c908ce4a8

    SHA256

    caff50811a4621dc4dfcd522ced4fec45a7501441f5faab48cd02e041da4d958

    SHA512

    e7e5358b25b79ad7f7f6e4f76188e8451248356f210a063598cd9cc18976b7b9e70a6fa0a20a0814c0d532eeb1944de207a3c424124df39d3ee0e19726074a96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d5bc8fe96946d5a2de0792d643fb33e1

    SHA1

    1a5a247416b717ee4a7ac4e792e4cdd1fbf6683f

    SHA256

    13847347e9fa9098efc03806f3d561872f62d7988898bf985891fbf2a6052504

    SHA512

    38b38364bdbee63265627e58a14bcedd824c3f48d821a5c77dedef0b707e40d79e07ad9a447854d22c62ad67e0e569156037f3cac01ea42ac92f45284aa43677

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fbf862b4688941c9276e84234d139497

    SHA1

    9fe8442e48e0c88c156c93cccbe9f18b2bd913d9

    SHA256

    2201446a957cb0cfbdef7f9018a3872d288512d7e7d05a6617af125c5e6c0ca7

    SHA512

    c2e782fad4da671cf8bbe459af62042efbe40507dd5dbde72ae62494c1985eaf97107278070c4033ced885bfc1d9d08110eb0a2ca100c36c71b698131a821a8e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6bbf481990d84690298a1a9c30dc9df6

    SHA1

    61425b4a79ccd5b293162a82f6c1c418ccb4821e

    SHA256

    d5bedd7fdaf9873a33d771086a28e99c8924eea0e5d6b734d4b7a5351fd66fdf

    SHA512

    a61f3744a13cb2d087bb563bf15abee59b8d2dcddb0ea2e35be59ab8c32d90672ee891547f6aac0b9899fe28a75590175cf49666241724fef0932e752805e770

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    63fdab0157960e2312cf36dfe10f2aee

    SHA1

    9e040d042067fd50b16adcf7a71b666724bf92f3

    SHA256

    0b42fdeffa4085e98f837a7c5d46ed5864f078c22aa9ed6dc5e469f759de24d5

    SHA512

    5c05127b17d43361b7600382fff5f323defbbe4c2403e8cf57efdbf04eeddbfd60991a50179e9739a7e4830fa006b29a8b77e8bb9365313a64338d84c45f23c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1de2f0fe2b1698c7ce8ed19fa2c25e09

    SHA1

    a406b903eda9a0e8a32a6b63a4b979aaa1630d56

    SHA256

    15b9f8d83e5741d9242bf99c016bb778e26dfd64391017db790e3bfc9526d979

    SHA512

    d689781a6f8d2db3ff632355a17887e76f541411f7091ad5561e4b039c24ac00ca3528b86cbe6d77c31eedfee6c4e6e818478dbc93b7202e2463d66766d7d023

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE9D4.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarEA46.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit