Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-02-2024 00:34

General

  • Target

    FоrtniteHack/FоrtniteHack.exe

  • Size

    468KB

  • MD5

    8b852cbf0b1bbf444ebd2c77f552c805

  • SHA1

    3d8211d3d0dc7160c5a521bb33f4798f1f5eb645

  • SHA256

    6c9b77655d90734fc9754ba92c004e80bbb662e325a42954a4df065f1384005c

  • SHA512

    e50fead8f489a2b0998d55dc584b548456a8e06cc47710e258c4a6a5ade76ea1c2454c0408f62d83e6d999b16e2fd7aed8d48928ccd19e8b7d1fb863cde73166

  • SSDEEP

    12288:TgG0n+NMoSDsim+8/Ndwtul/QmDaPJ4D6fdKtiDFNfUVHmA:Z0n+NMoSTmPFdip4UKtuNC3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FоrtniteHack\FоrtniteHack.exe
    "C:\Users\Admin\AppData\Local\Temp\FоrtniteHack\FоrtniteHack.exe"
    • Suspicious use of WriteProcessMemory
    PID:3064
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3064 -s 128
      • Program crash
      PID:2372

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3064-0-0x00000000000E0000-0x0000000000126000-memory.dmp

    Filesize

    280KB

  • memory/3064-5-0x0000000000130000-0x0000000000131000-memory.dmp

    Filesize

    4KB