General
-
Target
CSFortnitefreecheeto.exe
-
Size
10.4MB
-
Sample
240823-1mxjfsydnc
-
MD5
0386a273f027d7e602811826c969074e
-
SHA1
ba3940a74e422d0a6511eaf8ee58cfd0f5036a38
-
SHA256
ddc8be8c66ac78c53a7ec699097fd59bddbc3242e2333d5c3b0fcf083a5c0d05
-
SHA512
c0fea44cd0ad68d8dd670ab11d490355fb1177903800bc6a9b38f28bf76771b46ec156e389996f8843a54be900acc6ce8d7209c730a11e5265be9239235c29ee
-
SSDEEP
196608:AinEk0GV23kBvRBA1HeT39IigwRTet4Q4GH5lLNsIlyzWMuIMYnoxO+:BnEk0GV2kJq1+TtIiFRSNNsIszWMHToY
Malware Config
Targets
-
-
Target
CSFortnitefreecheeto.exe
-
Size
10.4MB
-
MD5
0386a273f027d7e602811826c969074e
-
SHA1
ba3940a74e422d0a6511eaf8ee58cfd0f5036a38
-
SHA256
ddc8be8c66ac78c53a7ec699097fd59bddbc3242e2333d5c3b0fcf083a5c0d05
-
SHA512
c0fea44cd0ad68d8dd670ab11d490355fb1177903800bc6a9b38f28bf76771b46ec156e389996f8843a54be900acc6ce8d7209c730a11e5265be9239235c29ee
-
SSDEEP
196608:AinEk0GV23kBvRBA1HeT39IigwRTet4Q4GH5lLNsIlyzWMuIMYnoxO+:BnEk0GV2kJq1+TtIiFRSNNsIszWMHToY
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Drops startup file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-