Static task: static1
Behavioral task: behavioral1
  Sample: Fortnite external.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: Fortnite external.exe
  Resource: win10v2004-20240730-en
General
Target: Fortnite external.exe
Size: 385KB
MD5: 5366217f1dd81d746cca1b72c3894ea6
SHA1: a66acae29f934136afa9f9daf3d8c9948ef19dbb
SHA256: f45618dc49530791039d0b91ed11c5a35dd68b69cdd461b82437fff2d0228658
SHA512: 7feae748b107eaa8fe0eb43dbf899b0dea60aa3ffd6d2a466b7c496605ab5e8590d7de940d4960256e960ac86e1e209de97d35ba1595ba310a1b8049c614db38
SSDEEP: 6144:1Up11ALsV+h5HlCtHsBWODtbKIX1Y7UYqDqi0nQx35lA3xC552TUqeM9IUukRjIP:u/1xdMBWYtbJD/UxCj2AqeMQm/nHWI
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: Fortnite external.exe
Files
Fortnite external.exe.exe windows:6 windows x64 arch:x64
ecf72dfd3db9fc73a69d852b6a3a21db
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
dwmapi
DwmExtendFrameIntoClientArea
kernel32
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
GetStdHandle
DeviceIoControl
VirtualAlloc
GetModuleHandleA
CreateToolhelp32Snapshot
Sleep
Process32Next
CloseHandle
CreateThread
Beep
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GlobalFree
GetProcAddress
user32
GetWindowThreadProcessId
GetWindow
DispatchMessageA
GetWindowRect
DestroyWindow
SetWindowPos
ReleaseCapture
GetAsyncKeyState
SetWindowLongA
GetClientRect
GetWindowLongA
GetForegroundWindow
MoveWindow
DefWindowProcA
ShowWindow
CreateWindowExA
TranslateMessage
PeekMessageA
UnregisterClassA
SetCursor
SetCapture
ClientToScreen
GetCapture
GetActiveWindow
ScreenToClient
LoadCursorA
GetKeyState
SendInput
UpdateWindow
RegisterClassExA
FindWindowA
SetCursorPos
PostQuitMessage
GetCursorPos
SetClipboardData
GetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
msvcp140
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
d3d9
Direct3DCreate9Ex
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__C_specific_handler
__std_terminate
memmove
memcpy
memcmp
memchr
strstr
__std_exception_destroy
_CxxThrowException
__std_exception_copy
memset
__current_exception
__current_exception_context
api-ms-win-crt-stdio-l1-1-0
fwrite
_set_fmode
fflush
fclose
fseek
ftell
__stdio_common_vfprintf
__p__commode
_wfopen
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
__acrt_iob_func
api-ms-win-crt-string-l1-1-0
isprint
strncpy
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
_set_new_mode
free
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-runtime-l1-1-0
_register_thread_local_exe_atexit_callback
__p___argv
__p___argc
exit
system
_invalid_parameter_noinfo_noreturn
terminate
_exit
_configure_narrow_argv
_initialize_narrow_environment
_c_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
api-ms-win-crt-math-l1-1-0
atan2
ceilf
floorf
fmod
fmodf
__setusermatherr
sqrtf
asin
powf
sinf
tanf
cosf
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 207KB - Virtual size: 207KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ