General
Target: Fortnite CFFHOOK by Spyro.exe
Size: 1.8MB
Sample: 220415-hn73gaddf6
MD5: bc9b1b368097805254280adc0ebab47e
SHA1: d74790b312152fbc6d74f004bef26227c2f1e6aa
SHA256: 3c301ea2f7c6113f5a27f95f694e84c2506aa18ff533ce1583263abace106266
SHA512: 42182971c99e02a081daaece870984bdd9bc3b902cbb4c99c393fc1240bfffa99a61964dc371c227e13705b1cb52be087fced0f157c8960d8e871f8f9f11dfaf
Static task: static1
Behavioral task: behavioral1
  Sample: Fortnite CFFHOOK by Spyro.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: Fortnite CFFHOOK by Spyro.exe
  Resource: win10v2004-20220414-en
Malware Config
Extracted: redline
crpt
65.108.20.114:3074
auth_value: 85833779d67675e04a9bce1ac53a9870
Targets
Target: Fortnite CFFHOOK by Spyro.exe
Score: 10/10
- Meta Stealer: Meta Stealer steals passwords stored in browsers, written in C++.
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext