General
-
Target
Fortnite-Injector.exe
-
Size
16.4MB
-
Sample
240511-ltl9qsed27
-
MD5
93b01e529e34e227254d7652172e2dac
-
SHA1
704b1774f767c9dc3162633f92689c996dce8350
-
SHA256
f1e17f0fcc295945bfc6c51e78350ff9c378285e8b4ef33d5b692e3e81159327
-
SHA512
ee461dd430b2adfa14077730608ddc9954c9b08213b70f678a95fb6588b1f3192f0c9e2f8cb96b4110e6aeea5f818b61197d75b43bf64e2cf796fe68e57eaf27
-
SSDEEP
393216:Ch9S2nnx837Xfih2Jp5MLurEUWjljEh01tL8yvhXUS+da:09Dnxq7ahpdbJ91N8yvl+da
Malware Config
Targets
-
-
Target
Fortnite-Injector.exe
-
Size
16.4MB
-
MD5
93b01e529e34e227254d7652172e2dac
-
SHA1
704b1774f767c9dc3162633f92689c996dce8350
-
SHA256
f1e17f0fcc295945bfc6c51e78350ff9c378285e8b4ef33d5b692e3e81159327
-
SHA512
ee461dd430b2adfa14077730608ddc9954c9b08213b70f678a95fb6588b1f3192f0c9e2f8cb96b4110e6aeea5f818b61197d75b43bf64e2cf796fe68e57eaf27
-
SSDEEP
393216:Ch9S2nnx837Xfih2Jp5MLurEUWjljEh01tL8yvhXUS+da:09Dnxq7ahpdbJ91N8yvl+da
Score8/10-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
Fortnite-Injector.pyc
-
Size
69KB
-
MD5
325d7e26bc0ca8e0af0698c895b2822d
-
SHA1
7bf75d5ba9bf1cb9369e0977452d622367252f36
-
SHA256
9730c8a6656a264f5f59a5e3c4a392c5085361c36cfd8ba51793b310defb5d71
-
SHA512
9730c171ad07f663cf642ee72935f94e4c086bbdd45f17cd6dda69136cfbde967cba2ebe482ebe76aca8b7059c56837cd87e4a5db6c21c8767f5239b1c268f0d
-
SSDEEP
768:3nAIw3pYBdbM8v9YTNqvELkdI+2p3BXTxGVru1E7eNs0u9iAnjCenr+2n9n:3w3pyd1cdxZs0u9vmort
Score3/10 -