General

  • Target

    FortniteSpoofPerm.exe

  • Size

    13.1MB

  • MD5

    ad573405f9df03d594e432620925c7b5

  • SHA1

    05d4d7beb2c809c3a03548204a12a5ea39ee1e95

  • SHA256

    220b48bce46e46eb34f3c049b9d47c038fa40e9c7c9e18bc194c6c5d7f16d9f3

  • SHA512

    f04349c16f8d8c9250faf00b5ff04444c47cc5cfef93e51e47c1de12026232c754b6f1d741dc661ab328603ddea6527342e16e75ffcab500da3195bd3b658496

  • SSDEEP

    393216:niIE7Yo9+4u3wW+eGQRJ9jo7BGcGLY/dt1Wom6:87r9+R3wW+e5RJ9Mjpm6

Signatures

  • An infostealer written in Python and packaged with PyInstaller. (1 IoC)
  • Crealstealer family
  • Detects Pyinstaller (1 IoC)
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • FortniteSpoofPerm.exe
    .exe windows:5 windows x64 arch:x64

    1af6c885af093afc55142c2f1761dbe8


  • Creal.pyc