Fоrtnitе HС[.]exe

General

Target

Fоrtnitе HС.exe
Size

322KB
MD5

1c1a9bea05025b770097f12bf13cc5dc
SHA1

9fcbc6ca4bc6aff2f64b350f06cacb52556b8c80
SHA256

3e80f79075aa1d9c73743fde07218947de5d4363184454c2644ed991bbdcf5fc
SHA512

66e08bf98fc59c6275f28397da5f83ac59bbb888bf7132e89da7043c8f3545d309f47b51b997a48c41e58ecc50d2713390e2579e3a774c509bd8f21338de83a3
SSDEEP

3072:aUAAxrvGblI9bN3xYQcAyIWmVYIooQP17v37aozDFEmFwj5/FTz5mTPUUFsksiqM:aTApGa3xY36lYjaozhEmSNRzsPU7/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Fоrtnitе HС.exe

Files

Fоrtnitе HС.exe
.exe windows x86

0b842ba84a23cfa3e4f1f5c8100257f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
MultiByteToWideChar
GetModuleHandleA
FreeConsole
GetProcAddress
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

advapi32

OpenProcessToken
RegQueryValueExA
RegDeleteKeyA
LookupPrivilegeValueA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b842ba84a23cfa3e4f1f5c8100257f9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 174KB - Virtual size: 181KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 174KB - Virtual size: 181KB

.rsrc
Size: 1KB - Virtual size: 1KB