General

  • Target

    FortniteFPS.exe

  • Size

    444KB

  • Sample

    240404-xk562aga64

  • MD5

    ed8f9d380212722ab220453cf5c64524

  • SHA1

    e7cf9a672de8766bb9db767f4b3aaf3a7a0f6b10

  • SHA256

    fda3dd5344e004dc209fe24b2e383fbef569e11dc14f0d02c2051e8a69c80427

  • SHA512

    137a381f40c6db23580350322ddbc2930504dac23b693611ff975efa042fe4ba24587580339c27664eae0ae3c63278dc00e11aa82db6b9acceb0dd806f0c37c8

  • SSDEEP

    12288:khpdFOiCa+pp6DkqebgShtFRvKAOjzEcaY6RqTWmHH:kSa+E9SzFRy7jzEcB6UK

Score
10/10

Targets

    • Target

      FortniteFPS.exe

    • Rhadamanthys

      Rhadamanthys is an info stealer written in C++ first seen in August 2022.

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • Suspicious use of SetThreadContext
