redline | SusanoFortniteCheats[.]exe | Triage

Sharing

General

Target

SusanoFortniteCheats.exe
Size

7.4MB
MD5

f41e33f932386be30f0cc61bb6a64c6c
SHA1

ffd6d2f29f4c49ef16a6b79cd350ea5f32f94b49
SHA256

98f467c12ff867304a01dd56534a52a54674f87965720bd75a783fdf6dd4e9d2
SHA512

22361b622d9efd989fd8b9cffd59f2d0285201d2cb0f9e7bd32be7cb1e580f11221f5817bc17b7cb70663471728738658c94b2bda5c2c29be3b9189a6e7a7cb1
SSDEEP

12288:Wq3V4TIjjsbRV2czxQwamfkGuhT0cVm1:ZEIncNcBhrg

Score

10^/10

redline

Malware Config

Signatures

RedLine payload 1 IoCs

resource	yara_rule
sample	family_redline

Redline family
redline

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SusanoFortniteCheats.exe

Files

SusanoFortniteCheats.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ