home

Roblox.exe

Roblox Bootstrapper

ROBLOX Corporation

This is the uninstaller utility registered in the Windows Control Panel for the program ROBLOX Player for andy by ROBLOX Corporation. The file has been seen being downloaded from roblox.soft32.es and multiple other hosts.
Publisher:
ROBLOX Corporation  (signed and verified)

Product:
Roblox Bootstrapper

Description:
Roblox

Version:
1, 6, 3, 68937

MD5:
c3408796984951838c2f7961ac8a1c2a

SHA-1:
ae0ba718333632d2d5836de4e043a5a18b9680dd

SHA-256:
5606e9621e161e309fbda4a3c8aa710467fcf16b114f1a82908512be13071a32

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/15/2024 2:50:15 PM UTC  (today)

File size:
1 MB (1,058,808 bytes)

Product version:
1, 6, 3, 0

Copyright:
(C) 2012 ROBLOX Corporation. All rights reserved.

Original file name:
Roblox.exe

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\rbx-84c4dd87.tmp

Digital Signature
Signed by:
ROBLOX Corporation

Authority:
Symantec Corporation

Valid from:
9/10/2015 8:00:00 PM

Valid to:
10/10/2016 7:59:59 PM

Subject:
CN=ROBLOX Corporation, O=ROBLOX Corporation, L=San Mateo, S=California, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1B8159FAF8228B39ABC00E31BBAD4309

File PE Metadata
Compilation timestamp:
2/5/2016 2:34:22 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:vmH+kJ26GO0bHYAoOGqsTk7m+bMDGUsCk:Jd6GO0bHYAlGqsTf+bMqUsCk

Entry address:
0x49C3C

Entry point:
E8, 7E, B3, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 7C, 09, E8, FD, B3, 00, 00, 3B, 30, 7C, 07, E8, F4, B3, 00, 00, 8B, 30, E8, F3, B3, 00, 00, 8B, 04, B0, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 53, 56, E8, A8, 6F, 00, 00, 8B, F0, 33, DB, 3B, F3, 75, 07, B8, 10, D0, 46, 00, EB, 4D, 57, BF, 86, 00, 00, 00, 39, 5E, 24, 75, 18, 6A, 01, 57, E8, 3E, 48, 00, 00, 59, 59, 89, 46, 24, 3B, C3, 75, 07, B8, 10, D0, 46, 00, EB, 29, FF, 75, 08, 8B, 76, 24, E8, 8F, FF, FF, FF, 50, 57, 56, E8, C1...
 
[+]

Entropy:
5.7990

Code size:
424.5 KB (434,688 bytes)

704 Program Uninstaller
Program name:
ROBLOX Player for andy

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\users\{user}\appdata\local\roblox\versions\version-44dbdc803ea548d8\robloxplayerlauncher.exe" -uninstall

Program name:
ROBLOX Player for Jacksons

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\users\{user}\appdata\local\roblox\versions\version-44dbdc803ea548d8\robloxplayerlauncher.exe" -uninstall

Program name:
ROBLOX Player for aidan

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\users\{user}\appdata\local\roblox\versions\version-44dbdc803ea548d8\robloxplayerlauncher.exe" -uninstall

Program name:
ROBLOX Player

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\Program Files (x86)\Roblox\Versions\version-44dbdc803ea548d8\RobloxPlayerLauncher.exe" -uninstall -alluser

Program name:
ROBLOX Player for Pipnik

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\users\{user}\appdata\local\roblox\versions\version-44dbdc803ea548d8\robloxplayerlauncher.exe" -uninstall

Program name:
ROBLOX Player for jbann

Display publisher:
ROBLOX Corporation

Uninstall string:
"C:\users\{user}\appdata\local\roblox\versions\version-44dbdc803ea548d8\robloxplayerlauncher.exe" -uninstall


The file Roblox.exe has been seen being distributed by the following 7 URLs.

http://roblox.soft32.es/get/file/id/.../?no_download_manager=true

http://setup-cxs.rbxcdn.com/version-44dbdc803ea548d8-RobloxPlayerLauncher.exe

http://setup.roblox.com/version-44dbdc803ea548d8-Roblox.exe

http://113.171.224.166/.../version-44dbdc803ea548d8-RobloxPlayerLauncher.exe

http://113.171.224.246/.../version-44dbdc803ea548d8-RobloxPlayerLauncher.exe

http://setup.rbxcdn.com/version-44dbdc803ea548d8-RobloxPlayerLauncher.exe

http://113.171.224.178/.../version-44dbdc803ea548d8-RobloxPlayerLauncher.exe

Scan Roblox.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.