Overview

overview

10

Static

static

10

cheatroblox.exe

windows7-x64

cheatroblox.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cheatroblox.exe

  • Size

    3.3MB

  • Sample

    240704-kst3hsshnr

  • MD5

    0c3e07265eded8fc455a638d5ec44f2c

  • SHA1

    cf71372d50bf58acfdaa8f7fc1854de0ca42deaf

  • SHA256

    50258d28e57d1470e34bcb97075ac5d97c236918d3cc1f728830fd9a5e70b25b

  • SHA512

    74dcff438fe87e65a6c28f24c8c55bd8dc7f1bd0ac413d24545559219f96e8f8cbf673d4ccf597ea82613d4584ed06f50861ffd18cac8c0dcbeecaa64fffbb0b

  • SSDEEP

    49152:1Djlabwz9JCTqIcN+hvbhMVAvEBjXFEwc7QNexKYFNa/ern/eXGbXwSF12Uz:ZqwfCTfrbhM+vEV7NeXKern/e2t1Zz

Score
10/10
dcratrat

Malware Config

Targets

    • Target

      cheatroblox.exe

    • Size

      3.3MB

    • MD5

      0c3e07265eded8fc455a638d5ec44f2c

    • SHA1

      cf71372d50bf58acfdaa8f7fc1854de0ca42deaf

    • SHA256

      50258d28e57d1470e34bcb97075ac5d97c236918d3cc1f728830fd9a5e70b25b

    • SHA512

      74dcff438fe87e65a6c28f24c8c55bd8dc7f1bd0ac413d24545559219f96e8f8cbf673d4ccf597ea82613d4584ed06f50861ffd18cac8c0dcbeecaa64fffbb0b

    • SSDEEP

      49152:1Djlabwz9JCTqIcN+hvbhMVAvEBjXFEwc7QNexKYFNa/ern/eXGbXwSF12Uz:ZqwfCTfrbhM+vEV7NeXKern/e2t1Zz

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

3
T1082

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks