Overview

overview

1

Static

static

1

FortniteLauncher.exe

windows7-x64

1

FortniteLauncher.exe

windows10-2004-x64

1

MaterialSkin.dll

windows7-x64

1

MaterialSkin.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Platanium.dll

windows7-x64

1

Platanium.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    68s
  • max time network
    78s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    31-03-2023 15:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FortniteLauncher.exe

  • Size

    387KB

  • MD5

    8b528f2dbe12d7f8e73be1e0aed385b8

  • SHA1

    0f7e25fb92b5c3909f843f4cdf73dbd658750be4

  • SHA256

    f4b6b1c41f04007b2816e50bfe6e53515d430cf3d64d1f5cb0ed6f8a67959b85

  • SHA512

    0e88d919263b71fc589ea58bd7cda1250e9d4468438ea304b42a11ba3fa0424b35618e8d68ec736bd00db8458131a80597d52e1848f671115eb08487d6ab7881

  • SSDEEP

    6144:X5BK9hJbgDFcv7SzYLDOj2S/KScp+4+pNBVM0jaTw3xreDy9sE7E:X5BK5bgDFmSzcUHSRF+fM0jfxMy9seE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FortniteLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\FortniteLauncher.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:108
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x47c
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/108-54-0x000000013FBB0000-0x000000013FC16000-memory.dmp

    Filesize

    408KB

    Download

  • memory/108-55-0x000000001B880000-0x000000001BED6000-memory.dmp

    Filesize

    6.3MB

    Download

  • memory/108-56-0x00000000022B0000-0x0000000002336000-memory.dmp

    Filesize

    536KB

    Download

  • memory/108-57-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-58-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-59-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-60-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-61-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-62-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-63-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-64-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-65-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-66-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download

  • memory/108-67-0x000000001B750000-0x000000001B7D0000-memory.dmp

    Filesize

    512KB

    Download