Overview

overview

4

Static

static

4

FortniteV1...ts.bat

windows7-x64

1

FortniteV1...ts.bat

windows10-2004-x64

1

FortniteV1...bot.py

windows7-x64

3

FortniteV1...bot.py

windows10-2004-x64

3

FortniteV1...nar.py

windows7-x64

3

FortniteV1...nar.py

windows10-2004-x64

3

FortniteV1...rt.bat

windows7-x64

1

FortniteV1...rt.bat

windows10-2004-x64

1

FortniteV1.../ui.py

windows7-x64

3

FortniteV1.../ui.py

windows10-2004-x64

3

FortniteV1...box.py

windows7-x64

3

FortniteV1...box.py

windows10-2004-x64

3

FortniteV1...ent.py

ubuntu-18.04-amd64

1

FortniteV1...ent.py

debian-9-armhf

1

FortniteV1...ent.py

debian-9-mips

1

FortniteV1...ent.py

debian-9-mipsel

1

FortniteV1...els.py

windows7-x64

3

FortniteV1...els.py

windows10-2004-x64

3

FortniteV1...ing.py

windows7-x64

3

FortniteV1...ing.py

windows10-2004-x64

3

FortniteV1...der.py

windows7-x64

3

FortniteV1...der.py

windows10-2004-x64

3

FortniteV1...ect.py

windows7-x64

3

FortniteV1...ect.py

windows10-2004-x64

3

FortniteV1...ort.py

windows7-x64

3

FortniteV1...ort.py

windows10-2004-x64

3

FortniteV1...onf.py

windows7-x64

3

FortniteV1...onf.py

windows10-2004-x64

3

FortniteV1...t__.py

windows7-x64

3

FortniteV1...t__.py

windows10-2004-x64

3

FortniteV1...10.pyc

windows7-x64

3

FortniteV1...10.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    40s
  • max time network
    49s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2024, 01:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FortniteV1.75/lunar-main/yolov7/deploy/triton-inference-server/processing.py

  • Size

    2KB

  • MD5

    10d9afe347da5e1e777c66b18cdbf9bd

  • SHA1

    9d3b980cb5fc3cb850972aac5d8f46465d264eea

  • SHA256

    65dc0b66699711606bf3b9267052f10bfa1d844280d161465169dc45631997c3

  • SHA512

    2686d51ea336e0c1b07bf031822c0ee0a8fc0618d7d2bf2e13dc61b22a265c8ef740da8cb3e371339c693bd0b2420d2d4a1740a829f37de19fd9d8c35f47d406

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\FortniteV1.75\lunar-main\yolov7\deploy\triton-inference-server\processing.py
    1⤵
    • Modifies registry class
    PID:1848
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:5060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads