SmartHawk

suspicious_features	GET method with no useragent header, HTTP version 1.0 used	suspicious_request	GET http://setup.roblox.com/version?guid22402
suspicious_features	GET method with no useragent header, HTTP version 1.0 used	suspicious_request	GET http://setup.roblox.com/version-a28f2f02fcb14a89-RobloxVersion.txt
suspicious_features	GET method with no useragent header, HTTP version 1.0 used	suspicious_request	GET http://setup.roblox.com/cdn.txt
suspicious_features	GET method with no useragent header, HTTP version 1.0 used	suspicious_request	GET http://setup.rbxcdn.com/version-a28f2f02fcb14a89-RobloxPlayerLauncher.exe

Performs some HTTP requests (5 个事件)

request	GET http://clientsettings.api.roblox.com/Setting/QuietGet/WindowsBootstrapperSettings/?apiKey=76E5A40C-3AE1-4028-9F10-7C62520BD94F
request	GET http://setup.roblox.com/version?guid22402
request	GET http://setup.roblox.com/version-a28f2f02fcb14a89-RobloxVersion.txt
request	GET http://setup.roblox.com/cdn.txt
request	GET http://setup.rbxcdn.com/version-a28f2f02fcb14a89-RobloxPlayerLauncher.exe

Creates a shortcut to an executable file (8 个事件)

file	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio 2.0.lnk
file	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox\Play Roblox.lnk
file	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio Beta.lnk
file	C:\Users\Administrator.Oskar-PC\Desktop\ROBLOX Studio 2.0.lnk
file	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox\ROBLOX Studio 2.0 Beta.lnk
file	C:\Users\Administrator.Oskar-PC\Desktop\ROBLOX Studio 2.0 Beta.lnk
file	C:\Users\Administrator.Oskar-PC\Desktop\Play Roblox.lnk
file	C:\Users\Administrator.Oskar-PC\Desktop\ROBLOX Studio Beta.lnk

Drops an executable to the user AppData folder (1 个事件)

file	C:\Users\Administrator.Oskar-PC\AppData\Local\Temp\RBX-40ACB6F1.tmp

Checks adapter addresses which can be used to detect virtual network interfaces (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620841820.680751 GetAdaptersAddresses	flags: 0 family: 0	failed	111	0

Queries for potentially installed applications (1 个事件)

Time & API	Arguments	Status	Return	Repeated
1620841818.555751 RegOpenKeyExW	access: 0x00020019 base_handle: 0x80000002 key_handle: 0x00000000 regkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B805FF17-92FE-4757-8142-F0A2850DFE03} regkey_r: Software\Microsoft\Windows\CurrentVersion\Uninstall\{B805FF17-92FE-4757-8142-F0A2850DFE03} options: 0	failed	2	0

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

Sets or modifies WPAD proxy autoconfiguration file for traffic interception (15 个事件)

Time & API	Arguments	Status
1620841823.274751 RegSetValueExA	key_handle: 0x000003a8 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason	success
1620841823.274751 RegSetValueExA	key_handle: 0x000003a8 value: À2"G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime	success
1620841823.274751 RegSetValueExA	key_handle: 0x000003a8 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision	success
1620841823.274751 RegSetValueExW	key_handle: 0x000003a8 value: 网络 2 regkey_r: WpadNetworkName reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName	success
1620841823.274751 RegSetValueExA	key_handle: 0x000003c0 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason	success
1620841823.274751 RegSetValueExA	key_handle: 0x000003c0 value: À2"G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime	success
1620841823.290751 RegSetValueExA	key_handle: 0x000003c0 value: 3 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision	success
1620841823.321751 RegSetValueExW	key_handle: 0x000003a4 value: {40112ABE-63B3-43C3-BE93-1440EE3AF106} regkey_r: WpadLastNetwork reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\WpadLastNetwork	success
1620841825.274751 RegSetValueExA	key_handle: 0x0000041c value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionReason	success
1620841825.290751 RegSetValueExA	key_handle: 0x0000041c value: íµ3"G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecisionTime	success
1620841825.290751 RegSetValueExA	key_handle: 0x0000041c value: 0 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadDecision	success
1620841825.290751 RegSetValueExW	key_handle: 0x0000041c value: 网络 2 regkey_r: WpadNetworkName reg_type: 1 (REG_SZ) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{40112ABE-63B3-43C3-BE93-1440EE3AF106}\WpadNetworkName	success
1620841825.290751 RegSetValueExA	key_handle: 0x00000418 value: 1 regkey_r: WpadDecisionReason reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionReason	success
1620841825.290751 RegSetValueExA	key_handle: 0x00000418 value: íµ3"G× regkey_r: WpadDecisionTime reg_type: 3 (REG_BINARY) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecisionTime	success
1620841825.290751 RegSetValueExA	key_handle: 0x00000418 value: 0 regkey_r: WpadDecision reg_type: 4 (REG_DWORD) regkey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\0a-00-27-00-00-00\WpadDecision	success

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2016-06-29 07:59:42

Imports

Library KERNEL32.dll:

• 0x46c0b0 GetModuleHandleW

• 0x46c0b4 GetTempPathW

• 0x46c0b8 DeleteFileW

• 0x46c0bc GetVersionExW

• 0x46c0c0 GetSystemTime

• 0x46c0c4 lstrcmpW

• 0x46c0c8 GetModuleFileNameW

• 0x46c0cc MultiByteToWideChar

• 0x46c0d0 lstrlenA

• 0x46c0d4 WideCharToMultiByte

• 0x46c0d8 lstrlenW

• 0x46c0dc InterlockedDecrement

• 0x46c0e0 WaitForSingleObject

• 0x46c0e4 ReleaseMutex

• 0x46c0e8 CreateMutexW

• 0x46c0ec SetEvent

• 0x46c0f0 ResetEvent

• 0x46c0f4 SetEndOfFile

• 0x46c0f8 CreateFileA

• 0x46c0fc GetLocaleInfoW

• 0x46c100 SetStdHandle

• 0x46c104 WriteConsoleW

• 0x46c108 GetConsoleOutputCP

• 0x46c10c WriteConsoleA

• 0x46c110 GetModuleHandleA

• 0x46c114 GetStringTypeW

• 0x46c118 GetStringTypeA

• 0x46c11c IsValidLocale

• 0x46c120 EnumSystemLocalesA

• 0x46c124 GetLocaleInfoA

• 0x46c128 GetUserDefaultLCID

• 0x46c12c LoadLibraryA

• 0x46c130 QueryPerformanceCounter

• 0x46c134 GetCommandLineW

• 0x46c138 GetEnvironmentStringsW

• 0x46c13c FreeEnvironmentStringsW

• 0x46c140 IsValidCodePage

• 0x46c144 GetOEMCP

• 0x46c148 GetACP

• 0x46c14c FlushFileBuffers

• 0x46c150 ReadFile

• 0x46c154 SetFilePointer

• 0x46c158 GetConsoleMode

• 0x46c15c GetConsoleCP

• 0x46c160 GetModuleFileNameA

• 0x46c164 GetStartupInfoA

• 0x46c168 GetFileType

• 0x46c16c GetStdHandle

• 0x46c170 SetHandleCount

• 0x46c174 VirtualAlloc

• 0x46c178 VirtualFree

• 0x46c17c HeapCreate

• 0x46c180 OpenEventW

• 0x46c184 CreateEventW

• 0x46c188 GetLastError

• 0x46c18c GetCPInfo

• 0x46c190 LCMapStringW

• 0x46c194 LCMapStringA

• 0x46c198 CloseHandle

• 0x46c19c CreateEventA

• 0x46c1a0 FormatMessageA

• 0x46c1a4 LocalFree

• 0x46c1a8 CreateSemaphoreA

• 0x46c1ac HeapAlloc

• 0x46c1b0 GetProcessHeap

• 0x46c1b4 HeapFree

• 0x46c1b8 GetSystemTimeAsFileTime

• 0x46c1bc InitializeCriticalSection

• 0x46c1c0 DeleteCriticalSection

• 0x46c1c4 ReleaseSemaphore

• 0x46c1c8 InterlockedIncrement

• 0x46c1cc GetCurrentThreadId

• 0x46c1d0 GetCurrentProcess

• 0x46c1d4 GetCurrentThread

• 0x46c1d8 DuplicateHandle

• 0x46c1dc LoadLibraryW

• 0x46c1e0 GetProcAddress

• 0x46c1e4 FreeLibrary

• 0x46c1e8 CreateProcessW

• 0x46c1ec RaiseException

• 0x46c1f0 TerminateProcess

• 0x46c1f4 GetTickCount

• 0x46c1f8 GetUserGeoID

• 0x46c1fc GetGeoInfoW

• 0x46c200 CompareFileTime

• 0x46c204 FindFirstFileW

• 0x46c208 FindNextFileW

• 0x46c20c FindClose

• 0x46c210 Sleep

• 0x46c214 GetLocalTime

• 0x46c218 OpenProcess

• 0x46c21c CreateDirectoryW

• 0x46c220 VerSetConditionMask

• 0x46c224 VerifyVersionInfoW

• 0x46c228 GetDiskFreeSpaceExW

• 0x46c22c SetFileAttributesW

• 0x46c230 RemoveDirectoryW

• 0x46c234 CreateFileMappingW

• 0x46c238 MapViewOfFile

• 0x46c23c UnmapViewOfFile

• 0x46c240 SizeofResource

• 0x46c244 LockResource

• 0x46c248 LoadResource

• 0x46c24c FindResourceW

• 0x46c250 FindResourceExW

• 0x46c254 GetShortPathNameW

• 0x46c258 FormatMessageW

• 0x46c25c CreateFileW

• 0x46c260 GetFileAttributesW

• 0x46c264 InitializeCriticalSectionAndSpinCount

• 0x46c268 EnterCriticalSection

• 0x46c26c LeaveCriticalSection

• 0x46c270 TlsAlloc

• 0x46c274 InterlockedExchange

• 0x46c278 InterlockedExchangeAdd

• 0x46c27c WaitForMultipleObjects

• 0x46c280 TerminateThread

• 0x46c284 QueueUserAPC

• 0x46c288 SleepEx

• 0x46c28c PostQueuedCompletionStatus

• 0x46c290 CreateIoCompletionPort

• 0x46c294 SetWaitableTimer

• 0x46c298 GetQueuedCompletionStatus

• 0x46c29c InterlockedCompareExchange

• 0x46c2a0 SetLastError

• 0x46c2a4 TlsGetValue

• 0x46c2a8 TlsSetValue

• 0x46c2ac TlsFree

• 0x46c2b0 GetFileAttributesExW

• 0x46c2b4 GetFileSizeEx

• 0x46c2b8 MulDiv

• 0x46c2bc SystemTimeToFileTime

• 0x46c2c0 OpenEventA

• 0x46c2c4 GetCurrentProcessId

• 0x46c2c8 CreateWaitableTimerW

• 0x46c2cc ResumeThread

• 0x46c2d0 GetExitCodeProcess

• 0x46c2d4 lstrcpyW

• 0x46c2d8 lstrcatW

• 0x46c2dc WriteFile

• 0x46c2e0 GetFileTime

• 0x46c2e4 DosDateTimeToFileTime

• 0x46c2e8 LocalFileTimeToFileTime

• 0x46c2ec SetFileTime

• 0x46c2f0 HeapDestroy

• 0x46c2f4 HeapReAlloc

• 0x46c2f8 HeapSize

• 0x46c2fc UnhandledExceptionFilter

• 0x46c300 SetUnhandledExceptionFilter

• 0x46c304 IsDebuggerPresent

• 0x46c308 RtlUnwind

• 0x46c30c GetStartupInfoW

• 0x46c310 ExitProcess

• 0x46c314 ExitThread

• 0x46c318 CreateThread

Library USER32.dll:

• 0x46c384 InvalidateRect

• 0x46c388 ShowWindow

• 0x46c38c SetWindowLongW

• 0x46c390 CreateWindowExW

• 0x46c394 LoadBitmapW

• 0x46c398 DefWindowProcW

• 0x46c39c CallWindowProcW

• 0x46c3a0 GetParent

• 0x46c3a4 GetWindowRect

• 0x46c3a8 SendMessageW

• 0x46c3ac GetWindowLongW

• 0x46c3b0 AllowSetForegroundWindow

• 0x46c3b4 SetWindowTextW

• 0x46c3b8 CharNextW

• 0x46c3bc GetMessageW

• 0x46c3c0 TranslateAcceleratorW

• 0x46c3c4 TranslateMessage

• 0x46c3c8 DispatchMessageW

• 0x46c3cc SetFocus

• 0x46c3d0 SetWindowPos

• 0x46c3d4 MessageBoxW

• 0x46c3d8 PostThreadMessageW

• 0x46c3dc GetWindowThreadProcessId

• 0x46c3e0 EnumWindows

• 0x46c3e4 GetDlgItem

• 0x46c3e8 PostQuitMessage

• 0x46c3ec BeginPaint

• 0x46c3f0 CharUpperW

• 0x46c3f4 EndPaint

• 0x46c3f8 LoadIconW

• 0x46c3fc RegisterClassW

• 0x46c400 GetSystemMetrics

• 0x46c404 GetDC

• 0x46c408 ReleaseDC

• 0x46c40c SetTimer

• 0x46c410 FillRect

• 0x46c414 DestroyWindow

• 0x46c418 EnableWindow

• 0x46c41c IsWindowVisible

• 0x46c420 SetForegroundWindow

• 0x46c424 PostMessageW

• 0x46c428 GetWindowTextW

• 0x46c42c MessageBoxA

• 0x46c430 LoadAcceleratorsW

• 0x46c434 KillTimer

Library GDI32.dll:

• 0x46c07c Rectangle

• 0x46c080 SelectObject

• 0x46c084 CreatePen

• 0x46c088 GetStockObject

• 0x46c08c SetTextColor

• 0x46c090 CreateFontW

• 0x46c094 DeleteObject

• 0x46c098 GetDeviceCaps

• 0x46c09c SetBkMode

• 0x46c0a0 CreateSolidBrush

Library ADVAPI32.dll:

• 0x46c000 GetTokenInformation

• 0x46c004 RegQueryValueExW

• 0x46c008 RegOpenKeyExW

• 0x46c00c RegCloseKey

• 0x46c010 GetUserNameW

• 0x46c014 GetSidSubAuthority

• 0x46c018 CheckTokenMembership

• 0x46c01c DuplicateToken

• 0x46c020 RegDeleteKeyW

• 0x46c024 RegEnumKeyExW

• 0x46c028 RegDeleteValueW

• 0x46c02c IsValidSid

• 0x46c030 GetLengthSid

• 0x46c034 CopySid

• 0x46c038 OpenProcessToken

• 0x46c03c OpenThreadToken

• 0x46c040 GetSidLengthRequired

• 0x46c044 InitializeSid

• 0x46c048 RegSetValueExW

• 0x46c04c RegCreateKeyExW

• 0x46c050 CryptGetHashParam

• 0x46c054 CryptHashData

• 0x46c058 CryptDestroyHash

• 0x46c05c CryptReleaseContext

• 0x46c060 CryptCreateHash

• 0x46c064 CryptAcquireContextW

• 0x46c068 RegFlushKey

Library SHELL32.dll:

• 0x46c344 ShellExecuteW

• 0x46c348 SHGetFolderPathAndSubDirW

• 0x46c34c ShellExecuteExW

Library ole32.dll:

• 0x46c4cc CoUninitialize

• 0x46c4d0 CoCreateInstance

• 0x46c4d4 CoCreateGuid

• 0x46c4d8 CoInitialize

• 0x46c4dc StringFromGUID2

Library OLEAUT32.dll:

• 0x46c320 VariantClear

• 0x46c324 VariantInit

• 0x46c328 RegisterTypeLib

• 0x46c32c SysAllocString

• 0x46c330 SysFreeString

Library SHLWAPI.dll:

• 0x46c354 SHDeleteKeyW

• 0x46c358 StrCmpW

• 0x46c35c PathAddBackslashW

• 0x46c360 StrRChrW

• 0x46c364 StrCpyW

• 0x46c368 StrCmpNW

• 0x46c36c PathFileExistsW

• 0x46c370 StrDupW

• 0x46c374 StrStrW

Library VERSION.dll:

• 0x46c444 GetFileVersionInfoW

• 0x46c448 VerQueryValueW

• 0x46c44c GetFileVersionInfoSizeW

Library SensApi.dll:

• 0x46c37c IsNetworkAlive

Library USERENV.dll:

• 0x46c43c UnloadUserProfile

Library WS2_32.dll:

• 0x46c48c select

• 0x46c490 ioctlsocket

• 0x46c494 WSASend

• 0x46c498 WSASocketW

• 0x46c49c setsockopt

• 0x46c4a0 WSAGetLastError

• 0x46c4a4 getaddrinfo

• 0x46c4a8 freeaddrinfo

• 0x46c4ac connect

• 0x46c4b0 getsockopt

• 0x46c4b4 WSARecv

• 0x46c4b8 WSASetLastError

• 0x46c4bc WSAStartup

• 0x46c4c0 closesocket

• 0x46c4c4 WSACleanup

Library WININET.dll:

• 0x46c454 InternetSetOptionW

• 0x46c458 HttpQueryInfoW

• 0x46c45c HttpEndRequestW

• 0x46c460 HttpSendRequestW

• 0x46c464 HttpOpenRequestW

• 0x46c468 HttpAddRequestHeadersW

• 0x46c46c InternetCloseHandle

• 0x46c470 InternetConnectW

• 0x46c474 InternetWriteFile

• 0x46c478 HttpSendRequestExW

• 0x46c47c InternetReadFile

• 0x46c480 InternetQueryDataAvailable

• 0x46c484 InternetOpenW

Library COMCTL32.dll:

• 0x46c070 _TrackMouseEvent

• 0x46c074 InitCommonControlsEx

Library PSAPI.DLL:

• 0x46c338 GetProcessImageFileNameW

• 0x46c33c EnumProcesses

Library IPHLPAPI.DLL:

• 0x46c0a8 GetAdaptersInfo

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
setup.rbxcdn.com	A 178.79.208.35 CNAME setup-ns1.rbxcdn.com CNAME robloxinc.s.llnwi.net CNAME setup-ll.rbxcdn.com A 95.140.233.140	23.62.236.9
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
setup.roblox.com	CNAME s3.amazonaws.com A 52.216.88.149	52.216.179.141
clientsettings.api.roblox.com	CNAME gold.roblox.com A 128.116.120.3	128.116.120.3
teredo.ipv6.microsoft.com

TCP

Source	Source Port	Destination	Destination Port
192.168.56.101	49178	128.116.120.3 clientsettings.api.roblox.com	80
192.168.56.101	49180	52.216.88.149 setup.roblox.com	80
192.168.56.101	49181	52.216.88.149 setup.roblox.com	80
192.168.56.101	49182	52.216.88.149 setup.roblox.com	80
192.168.56.101	49184	95.140.233.140 setup.rbxcdn.com	80

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	50002	114.114.114.114	53
192.168.56.101	50568	114.114.114.114	53
192.168.56.101	53237	114.114.114.114	53
192.168.56.101	57756	114.114.114.114	53
192.168.56.101	58367	114.114.114.114	53
192.168.56.101	62318	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	49235	224.0.0.252	5355
192.168.56.101	50534	224.0.0.252	5355
192.168.56.101	51963	224.0.0.252	5355
192.168.56.101	53657	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	57874	224.0.0.252	5355
192.168.56.101	60384	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	63429	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	50003	239.255.255.250	3702

HTTP & HTTPS Requests

URI	Data
http://setup.roblox.com/version-a28f2f02fcb14a89-RobloxVersion.txt	GET /version-a28f2f02fcb14a89-RobloxVersion.txt HTTP/1.0 Host: setup.roblox.com Accept: / Connection: close
http://clientsettings.api.roblox.com/Setting/QuietGet/WindowsBootstrapperSettings/?apiKey=76E5A40C-3AE1-4028-9F10-7C62520BD94F	GET /Setting/QuietGet/WindowsBootstrapperSettings/?apiKey=76E5A40C-3AE1-4028-9F10-7C62520BD94F HTTP/1.1 User-Agent: Roblox/WinInet Host: clientsettings.api.roblox.com
http://setup.roblox.com/version?guid22402	GET /version?guid22402 HTTP/1.0 Host: setup.roblox.com Accept: / Connection: close
http://setup.roblox.com/cdn.txt	GET /cdn.txt HTTP/1.0 Host: setup.roblox.com Accept: / Connection: close
http://setup.rbxcdn.com/version-a28f2f02fcb14a89-RobloxPlayerLauncher.exe	GET /version-a28f2f02fcb14a89-RobloxPlayerLauncher.exe HTTP/1.0 Host: setup.rbxcdn.com Accept: / Connection: close

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.