E:\Project\Fornite\PaladinsExternal\x64\Release\PaladinsExternal.pdb
Static task
static1
General
-
Target
FortniteExternal.exe
-
Size
1.6MB
-
MD5
d50917d7bd2f2f5022f76cc1eef46ac3
-
SHA1
9249ee5e3de1587b9093f1570e4042bd54c517a5
-
SHA256
17bd1dfcbd8f1e4fd04bd55ffc37c0f7620222800a7005d874cd34e263e9742a
-
SHA512
5a32b8587f35728fe7ffe7914edff3e6f0ae4b53ab13ebe5fcb3f659e9b9d435992bfeaa5f1e6193c3e6ed47907c5bddf79764ef809e1fb2fffc87b41d23075e
-
SSDEEP
49152:bVjtEk3pMnIQJwJ+YP/QAPYTysIWEOifkTSn:bVjegMI0wJAui
Malware Config
Signatures
-
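Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. An unsigned binary is a weak indicator on its own and should be weighed together with the imports and other findings in this report.
resource FortniteExternal.exe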
Files
-
FortniteExternal.exe.exe windows:6 windows x64 arch:x64
06a1ff4da7fe6674ff7b60b6dde67b83
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
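PDB Paths
E:\Project\Fornite\PaladinsExternal\x64\Release\PaladinsExternal.pdb
(Same path as shown at the top of this report. The project name in the path, PaladinsExternal, differs from the submitted file name FortniteExternal.exe; the path can be used as a pivot when searching for related samples.)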
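Imports
(Triage note: the import table below combines service-control APIs from advapi32 (OpenSCManagerA, CreateServiceA, StartServiceA, DeleteService) with DeviceIoControl, GetTempPathA and CreateFileA from kernel32, a combination worth checking for installation of a driver or service and IOCTL communication with it. It also lists process-enumeration APIs (CreateToolhelp32Snapshot, Process32First/Process32Next, NtQuerySystemInformation) and layered-window, DWM and Direct3D 11 APIs. This is a static task, so the imports show capability only and do not confirm run-time behaviour.)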
kernel32
SetLastError
VirtualFree
VirtualAlloc
CreateToolhelp32Snapshot
GetLastError
Process32Next
DeviceIoControl
GetTempPathA
CreateFileA
Sleep
CreateThread
LeaveCriticalSection
GetFileInformationByHandleEx
AreFileApisANSI
CloseHandle
GetFileAttributesExW
Process32First
CreateFileW
FormatMessageA
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetModuleHandleA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
QueryPerformanceFrequency
GetProcAddress
MultiByteToWideChar
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
user32
CloseWindow
DispatchMessageA
SetWindowPos
GetSystemMetrics
ShowWindow
IsWindow
DefWindowProcA
CreateWindowExA
SetLayeredWindowAttributes
TranslateMessage
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
GetWindowThreadProcessId
GetAsyncKeyState
EnumWindows
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetClipboardData
GetClipboardData
SetCursor
EmptyClipboard
CloseClipboard
GetClientRect
OpenClipboard
GetCursorPos
ReleaseCapture
SetCursorPos
advapi32
OpenSCManagerA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenServiceA
DeleteService
ControlService
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
d3dcompiler_43
D3DCompile
dwmapi
DwmExtendFrameIntoClientArea
msvcp140
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
ntdll
RtlCaptureContext
NtQuerySystemInformation
RtlVirtualUnwind
RtlLookupFunctionEntry
d3d11
D3D11CreateDeviceAndSwapChain
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
__C_specific_handler
__current_exception
_CxxThrowException
__std_exception_copy
memchr
memcmp
memcpy
memmove
__std_terminate
__current_exception_context
strstr
__std_exception_destroy
api-ms-win-crt-stdio-l1-1-0
__p__commode
ftell
__acrt_iob_func
fflush
fclose
fseek
fwrite
__stdio_common_vsprintf_s
_get_stream_buffer_pointers
_wfopen
fsetpos
ungetc
setvbuf
fgetpos
fgetc
fputc
__stdio_common_vsprintf
fread
__stdio_common_vfprintf
_set_fmode
__stdio_common_vsscanf
_fseeki64
api-ms-win-crt-string-l1-1-0
strcmp
_stricmp
strncpy
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
_callnewh
calloc
malloc
_set_new_mode
realloc
free
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-runtime-l1-1-0
exit
_invalid_parameter_noinfo_noreturn
_register_thread_local_exe_atexit_callback
system
terminate
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_c_exit
__p___argv
__p___argc
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
remove
_lock_file
api-ms-win-crt-math-l1-1-0
atan2f
fmodf
__setusermatherr
powf
asinf
sinf
sqrtf
ceilf
cosf
acosf
tanf
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
Sections
.text Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 440B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ