General
-
Target
Fortnite Checker.rar
-
Size
19.9MB
-
Sample
240805-yy1zxaxapq
-
MD5
7fc49c76f1744423a905111b10dc05a3
-
SHA1
d19568294c8ddeb2337d91aa800204561c129453
-
SHA256
be340fdc31ec16c57cd2faf1fa25623175c6d81cad6eff2050012c398e14c336
-
SHA512
8c289c391c78664f446fb20c78efdc95bd51b5daf75b88f05d1dbcaaff404ef07e250ac9901817a6f04f5cdb25d9cc4dab80c96cfd15a857313616f460347262
-
SSDEEP
393216:WSmhFif2k/RY0rJh5YGa6JLbnpm15nFIQJGFEe4F:r9+k20PaGXFbpm30Eeg
Malware Config
Targets
-
-
Target
Fortnite Checker/checker.exe
-
Size
70KB
-
MD5
df512d4af07addf48eb621469c68a001
-
SHA1
19e90437fc2ff6f58885274fb053f4b9876c23a9
-
SHA256
ef708ac02fddac76455cd854b94d2e86d89c81cb5f5d33d09c4776f35fb0ffe6
-
SHA512
0d8e9541f23010f2c87257b7887e144ab8d1f4f628e0cece24671098e8260045906c0c8fa12d9aad246013c9785f2662ff65e8d53e49b58351c404c55ae6704a
-
SSDEEP
768:xkeYkhnvA5OW7TcjCNOo+9PAAmrqDjHZT52/ok8YsAzLSw:meba5OuTcjCNON9PApew
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-