RobloxPlayerInstaller-2X8VFQHDYP.exe Malware Gen Analysis

Technical Analysis

File Name RobloxPlayerInstaller-2X8VFQHDYP.exe
File Type PE32 executable (GUI) Intel 80386, for MS Windows
Scanner Version 1.0.234.174
Database Version 2026-01-19 06:00:23 UTC

Malware.Win32.Gen.tr

Malware family: Gen

This is a generic detection identifier for files exhibiting Trojan horse characteristics. It indicates malware that disguises itself as legitimate software while containing malicious code designed to compromise system security or steal information.
Detection Rate N/A
File Size (bytes) 9,562,576
Analysis Date 2026-01-19

File Identification

Hash Type Value
MD5 5c2a6c5a357bcec74c9c2beaafbe81dc
SHA1 7da39efd5e48d20a6c10b4b2d79cdb3db9289480
SHA256 279882fb187221d68af4f4019bd7b1aeed263e68f3d458fdce0503fe5370dc5b
SHA512 6e5127776a375e764754f2d783bb1e35c7a64163bb18218119cc22dcffda115c7073fb5993084d9f722d539531fe3a5958fd2154f65a5cc10a8e6a39c7240099
ImpHash d56598286f3ded1c9b90d97ec3fcf701

PE Analysis

Basic Information

Icon
Hash: 21b03eebb69a1756c2baa4f725214739
Fuzzy: f0223152e95086aae6188def2c523816
dHash: 8679f1cccc60619e
Image Base 0x00400000
Entry Point 0x00a53c25
Compilation Time 2032-03-13 15:55:30
Checksum 0x0091f283 (Actual: 0x0091f283)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path C:\buildAgent\work\ci_deploy_ninja_boot-x86_git\build.ninja\common\vs2019\x86\release\Installer\Windows\RobloxPlayerInstaller.pdb
Digital Signature OK
Imports 31 libraries
Exports 0 functions
Resources 68 Resources
Sections 5 Sections

Version Information

CompanyName Roblox Corporation
FileDescription Roblox
FileVersion 1, 6, 0, 7000935
LegalCopyright Copyright © 2020 Roblox Corporation. All rights reserved.
OriginalFilename Roblox.exe
ProductName Roblox Bootstrapper
ProductVersion 1, 6, 0, 7000935
Translation 0x0409 0x04b0

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 7,086,454 bytes 7,086,592 bytes 6.66 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7980EEECC98B744E12F94B0EA6E64D1E
.rdata 0x006c4000 1,641,222 bytes 1,641,472 bytes 5.91 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 4BC01885A407AC041415FE6DDFC46468
.data 0x00855000 11,834,840 bytes 190,464 bytes 4.45 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 0316A9065C8F5AB1F42BEA06C69D525C
.rsrc 0x0139f000 308,888 bytes 309,248 bytes 6.62 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 3B6EDF216C558F4B913C13F02A60723E
.reloc 0x013eb000 322,740 bytes 323,072 bytes 6.64 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ DC12CA40BB8EE47C1F276C96A5BB444F

Entropy Analysis Alert

3 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 68 (306,283 bytes)
Resource Type Count Total Size Percentage
PNG 12 29,520 bytes 9.6%
RT_ICON 4 8,215 bytes 2.7%
RT_DIALOG 1 254 bytes 0.1%
RT_STRING 46 30,432 bytes 9.9%
RT_ACCELERATOR 1 8 bytes 0%
RT_RCDATA 1 235,820 bytes 77%
RT_GROUP_ICON 1 62 bytes 0%
RT_VERSION 1 776 bytes 0.3%
RT_MANIFEST 1 1,196 bytes 0.4%

Certificate Chain Analysis

No Digital Signatures

This file is not digitally signed.

Security Implications:
  • Cannot verify the publisher's identity
  • Increased security risk when running this file
  • May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

OK

Malware.Win32.Gen.tr Removal

Gridinsoft has the capability to identify and eliminate Malware.Win32.Gen.tr without requiring further user intervention.

Removal Instructions

Follow these steps to completely remove the threat from your system

  1. Start by downloading Gridinsoft Anti-Malware to your computer.
  2. Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
  3. Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
  4. Click on the "Standard Scan" button to begin scanning your computer for threats.
  5. After the scanning process is finished, click on "Clean Now" to remove any detected threats.
  6. If prompted, restart your system to complete the removal process and ensure all threats are eliminated.

Important: Before You Start

Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.
