1ba3dab9ead4f40ac7bbead3400d870a43f5c3129817ecf588222e39a25daffb | Triage

Sharing

General

Target

07-03-2024_rstMEO2OBRMqmTX.zip
Size

250KB
Sample

240307-2f1g7sgh3s
MD5

d438186d3ebb8dc4cbb9dbb267d9a1af
SHA1

6a768cce663836854d5caf8b04e247b1e2768839
SHA256

1ba3dab9ead4f40ac7bbead3400d870a43f5c3129817ecf588222e39a25daffb
SHA512

f97a6fb028492ca7ba97f98903e6ca3ca01b94857e4b20996e9ae7b8c2015478dec727936ebd87d3b8781c8633a8367891204dff0441cd087e3d95bf6c2d9f5f
SSDEEP

6144:wifbexN2qWpUZA8gA0jiqw3fe/qq2PyNwu:nbexiqA8gA6wm32PHu

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  Fortnite External Cheat/loader.exe
- Size
  
  502KB
- MD5
  
  8d6b9654665f6530099f61ccdf7d61b5
- SHA1
  
  29d2d0405e8c2dd855ff53c84c4903a9f3090eab
- SHA256
  
  e6027d8e886ebdc7ee1d5d0c6bd376bc37bc6b1a466b8c49773aae50bf0fad5d
- SHA512
  
  1fc3055381b962b9a8e58961a0ff0cf14a6011f75bd3071e3ecef4100610d4ae8bb936ea6db2244423790b14998b0a4a3ab259507769841e87459b44c8afbc7e
- SSDEEP
  
  12288:JlD1NsrHLgO6rO7j1nZCZ+DvXaMvU5o9:JRcTkO6rE1nZXXaMvQo
Score

8^/10

persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2