Analysis

  • max time kernel
    91s
  • max time network
    115s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240221-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-02-2024 00:34

General

  • Target

    FоrtniteHack/FоrtniteHack.exe

  • Size

    468KB

  • MD5

    8b852cbf0b1bbf444ebd2c77f552c805

  • SHA1

    3d8211d3d0dc7160c5a521bb33f4798f1f5eb645

  • SHA256

    6c9b77655d90734fc9754ba92c004e80bbb662e325a42954a4df065f1384005c

  • SHA512

    e50fead8f489a2b0998d55dc584b548456a8e06cc47710e258c4a6a5ade76ea1c2454c0408f62d83e6d999b16e2fd7aed8d48928ccd19e8b7d1fb863cde73166

  • SSDEEP

    12288:TgG0n+NMoSDsim+8/Ndwtul/QmDaPJ4D6fdKtiDFNfUVHmA:Z0n+NMoSTmPFdip4UKtuNC3

Score
10/10

Malware Config

Extracted

Family

lumma

C2

https://technologyenterdo.shop/api

https://detectordiscusser.shop/api

https://turkeyunlikelyofw.shop/api

https://associationokeo.shop/api

Signatures

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

Processes

  • C:\Users\Admin\AppData\Local\Temp\FоrtniteHack\FоrtniteHack.exe
    "C:\Users\Admin\AppData\Local\Temp\FоrtniteHack\FоrtniteHack.exe"
      PID:3016

    Downloads

    • memory/3016-0-0x0000000000B30000-0x0000000000B76000-memory.dmp

      Filesize

      280KB

    • memory/3016-5-0x0000000000E10000-0x0000000000E11000-memory.dmp

      Filesize

      4KB

    • memory/3016-6-0x0000000000E10000-0x0000000000E11000-memory.dmp

      Filesize

      4KB

    • memory/3016-7-0x0000000000E10000-0x0000000000E11000-memory.dmp

      Filesize

      4KB

    • memory/3016-8-0x0000000000E10000-0x0000000000E11000-memory.dmp

      Filesize

      4KB

    • memory/3016-9-0x0000000000B30000-0x0000000000B76000-memory.dmp

      Filesize

      280KB