General
-
Target
DX9_Fortnite.vmp.exe
-
Size
21.9MB
-
Sample
231204-tz19vach32
-
MD5
cf28ae1e33e5bbe9cf060258896508b9
-
SHA1
cd309a4b4a7bdb72ea6e845be9ae067dfb37be1a
-
SHA256
5f9298f554a3b512e47c0348a55b7b9aa698e7bb467b082f28f8fac9ecaf193a
-
SHA512
59b53f7c4624682f6166e2f62820d5910a4f3175f5254e2210a9a70ce3f3203c232479e49eb42bdd7e4c8c21a8aec4f82369a439bbf0c02fce539f80f017a8aa
-
SSDEEP
393216:c4wAQLZRTjrvjOCYjeofCPLoEmI7mzO/tTKEAXVLenVTq9aWgp78P:c49QZ8CY7fCUEmIqzwAFanVTq9aVp78P
Static task
static1
Behavioral task
behavioral1
Sample
DX9_Fortnite.vmp.exe
Resource
win7-20231201-en
Behavioral task
behavioral2
Sample
DX9_Fortnite.vmp.exe
Resource
win10v2004-20231130-en
Malware Config
Targets
-
-
Target
DX9_Fortnite.vmp.exe
-
Size
21.9MB
-
MD5
cf28ae1e33e5bbe9cf060258896508b9
-
SHA1
cd309a4b4a7bdb72ea6e845be9ae067dfb37be1a
-
SHA256
5f9298f554a3b512e47c0348a55b7b9aa698e7bb467b082f28f8fac9ecaf193a
-
SHA512
59b53f7c4624682f6166e2f62820d5910a4f3175f5254e2210a9a70ce3f3203c232479e49eb42bdd7e4c8c21a8aec4f82369a439bbf0c02fce539f80f017a8aa
-
SSDEEP
393216:c4wAQLZRTjrvjOCYjeofCPLoEmI7mzO/tTKEAXVLenVTq9aWgp78P:c49QZ8CY7fCUEmIqzwAFanVTq9aVp78P
Score10/10-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in visual basic.
-
AgentTesla payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-