b6464a18cbc852599d0dc45323c1c053746692ab6429e50b31c5ab2fe85a40af | Triage

Sharing

General

Target

FortniteInstaller.msi
Size

54.2MB
Sample

230414-zgj6habg46
MD5

aba6906719689dfdd78c46bd181bfb57
SHA1

13e1ce4807820687a751acb306f6b2461b2995f5
SHA256

b6464a18cbc852599d0dc45323c1c053746692ab6429e50b31c5ab2fe85a40af
SHA512

38696427855b3d98d0489f843aa3adf45de2c87e95256635d9dace1cc9c41e97764a5f03fa8bfb8224ce2ff18ed6e329ff4218bbceb5628ca0f0346cb6f12806
SSDEEP

1572864:QYy5dINmHcchwtEp04PH/tUwCJSP53ShlOvRbVclpAcKUf7QZ:QYy/6CoEp9PftOJSP53SDOpVO5nA

Score

8^/10

Malware Config

Targets

- Target
  
  FortniteInstaller.msi
- Size
  
  54.2MB
- MD5
  
  aba6906719689dfdd78c46bd181bfb57
- SHA1
  
  13e1ce4807820687a751acb306f6b2461b2995f5
- SHA256
  
  b6464a18cbc852599d0dc45323c1c053746692ab6429e50b31c5ab2fe85a40af
- SHA512
  
  38696427855b3d98d0489f843aa3adf45de2c87e95256635d9dace1cc9c41e97764a5f03fa8bfb8224ce2ff18ed6e329ff4218bbceb5628ca0f0346cb6f12806
- SSDEEP
  
  1572864:QYy5dINmHcchwtEp04PH/tUwCJSP53ShlOvRbVclpAcKUf7QZ:QYy/6CoEp9PftOJSP53SDOpVO5nA
Score

8^/10
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2