Fornite Cheat[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

Fornite Cheat.iso
Size

1.9MB
MD5

f642ebde298bfacf9e83fd0ac6f44705
SHA1

9bb8b24d27dc09f3a624fb8a9b96c6a92b96e095
SHA256

c4836808a5c98901aa32a1b781d03a9be8a5a1ac8d2991f1f17d12e1eb9e305d
SHA512

b49e2432515ccee97704f49ee1e29b06c1432f755dd9d02c8d7dd5831c24ddcdb254596efec81e00fdabd24e5b4875d9df3f563aeac3ef0fcb8cb57383a17320
SSDEEP

49152:v1HOJSv/jfF4vKk/it0ak5v7wMgJl0wi/s4:v5OJSTS8M5vMM+l0w0b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/USO.exe56db6c7c

Files

Fornite Cheat.iso
.iso
Fornite Cheat 2023/Tutorial.pdf.lnk
.lnk
Fornite Cheat 2023/USO.zip
.zip
USO.exe56db6c7c
.exe windows x64

ec283ddf19ad99af7e2aff29e1330bca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysAllocStringLen
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnaccessData
SysFreeString
VariantClear
SafeArrayDestroy

kernel32

SetHandleInformation
GetModuleHandleA
GetProcAddress
GetCurrentThread
GetStdHandle
GetConsoleMode
WriteConsoleW
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
GetModuleHandleW
FormatMessageW
GetTempPathW
GetModuleFileNameW
CreateFileW
GetFileInformationByHandleEx
GetFullPathNameW
SetFilePointerEx
GlobalUnlock
GetFileInformationByHandle
FindFirstFileW
FindClose
ReleaseSRWLockExclusive
SetUnhandledExceptionFilter
SetFileCompletionNotificationModes
CreateIoCompletionPort
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
GetCurrentProcessId
CreateNamedPipeW
CreateThread
ReadFileEx
SleepEx
WriteFileEx
GetFinalPathNameByHandleW
CreateEventW
CancelIo
ReadFile
ExitProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentDirectoryW
AcquireSRWLockShared
ReleaseSRWLockShared
CopyFileExW
SleepConditionVariableSRW
WakeConditionVariable
PostQueuedCompletionStatus
SetLastError
TryAcquireSRWLockExclusive
GetQueuedCompletionStatusEx
SwitchToThread
GetProcessHeap
HeapAlloc
SetThreadStackGuarantee
AddVectoredExceptionHandler
WakeAllConditionVariable
AcquireSRWLockExclusive
HeapReAlloc
GetSystemInfo
GetExitCodeProcess
GetSystemTimeAsFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetTimeZoneInformation
RtlVirtualUnwind
FlushFileBuffers
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
WideCharToMultiByte
FreeLibrary
GetFileSize
LockFileEx
LocalFree
UnlockFile
HeapDestroy
HeapCompact
LoadLibraryW
DeleteFileW
DeleteFileA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
HeapCreate
AreFileApisANSI
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
WaitForSingleObject
GetLastError
GetOverlappedResult
WaitForMultipleObjects
GlobalFree
UnhandledExceptionFilter
GlobalAlloc
Sleep
GlobalLock
CreateDirectoryW
GlobalSize
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
HeapFree
InitializeSListHead
IsDebuggerPresent
FindNextFileW
RtlCaptureContext

user32

EnumDisplaySettingsExW
OpenClipboard
GetClipboardData
CloseClipboard
SetClipboardData
GetMonitorInfoW
EnumDisplayMonitors

bcrypt

BCryptGenRandom

crypt32

CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertGetCertificateChain
CertOpenStore
CertDuplicateStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertDuplicateCertificateChain
CertDuplicateCertificateContext
CertCloseStore
CryptUnprotectData

advapi32

CheckTokenMembership
SystemFunction036
FreeSid
RegCreateKeyExA
RegQueryValueExW
RegSetValueExA
RegCloseKey
RegOpenKeyExW
AllocateAndInitializeSid

ws2_32

WSAStartup
getsockopt
shutdown
WSACleanup
freeaddrinfo
getsockname
WSAGetLastError
getpeername
closesocket
WSAIoctl
ioctlsocket
WSASocketW
getaddrinfo
connect
WSASend
bind
setsockopt
send
recv

ntdll

NtDeviceIoControlFile
NtCreateFile
NtCancelIoFileEx
RtlNtStatusToDosError

secur32

FreeContextBuffer
AcquireCredentialsHandleA
EncryptMessage
ApplyControlToken
DeleteSecurityContext
FreeCredentialsHandle
AcceptSecurityContext
InitializeSecurityContextW
QueryContextAttributesW
DecryptMessage

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
StretchBlt
GetDIBits
GetObjectW
DeleteObject
DeleteDC
CreateDCW

ole32

CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity

vcruntime140

__C_specific_handler
memmove
__CxxFrameHandler3
memset
memcpy
memcmp
__current_exception
__current_exception_context
strrchr

api-ms-win-crt-string-l1-1-0

strcmp
strcspn
strncmp
strlen

api-ms-win-crt-heap-l1-1-0

realloc
_msize
malloc
free
_set_new_mode

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-math-l1-1-0

_dclass
log
__setusermatherr

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_cexit
__p___argv
_get_initial_narrow_environment
__p___argc
_c_exit
_register_thread_local_exe_atexit_callback
_exit
exit
_initialize_onexit_table
_endthreadex
_seh_filter_exe
_set_app_type
_initterm_e
terminate
_crt_atexit
_initialize_narrow_environment
_configure_narrow_argv
_register_onexit_function
_initterm

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[Content_Types].xml
.xml

Sharing

General

Malware Config

Signatures

Files

ec283ddf19ad99af7e2aff29e1330bca

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

kernel32

user32

bcrypt

crypt32

advapi32

ws2_32

ntdll

secur32

gdi32

ole32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 27KB - Virtual size: 30KB

.pdata Size: 63KB - Virtual size: 62KB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 27KB - Virtual size: 30KB

.pdata
Size: 63KB - Virtual size: 62KB

.reloc
Size: 26KB - Virtual size: 26KB