2c554758c8c01d147e940e6a4cbd6ee44e0d8fe22351938df800d2d76bd45f7d | Triage

Submit
Reports

Overview

overview

7

Static

static

7

Release/dl...ed.dll

windows11-21h2-x64

1

Release/loader.exe

windows11-21h2-x64

7

Sharing

General

Target

Release.rar
Size

6.7MB
Sample

240825-whvrvaybmj
MD5

c6355db74fda9ffce0e01eddbb5274fb
SHA1

1da2003b84f95afe52f8879327b8f85840eb71d1
SHA256

2c554758c8c01d147e940e6a4cbd6ee44e0d8fe22351938df800d2d76bd45f7d
SHA512

a0a1cf5e92d32f9ae600456382ceb7e4cfaba84854be4a5a396f33b9524bf8bfa900c8a2abbb455779e502d6c78fabbe2b0561f2b28ba57ebca6601548e77e7f
SSDEEP

196608:BbOf42ByXRcG6Kco/maHPpaPEPY857IDh/hYVjg1z6sDK:tOfVYXRZcoOePgEP557AUkre

Score

7^/10

persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Release/dlls/fortnite_undetected.dll

Resource

win11-20240802-en

windows11-21h2-x64

0 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Release/loader.exe

Resource

win11-20240802-en

persistence upx

windows11-21h2-x64

6 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Release/dlls/fortnite_undetected.dll
- Size
  
  609KB
- MD5
  
  81b84eebbfa9bdadc4f657863ce35e7c
- SHA1
  
  c3be75fdc41791679cf073ba652123b63d26c416
- SHA256
  
  a3d2ffc09ef0582cd4e72cd2117cf647a190d2bfb8dc3f36dd6ad72a3161c155
- SHA512
  
  8127427064f5695c349ce69838a6916c6f792192a5e692eff8f53fdaa4943f4245d173c95838b10e91542bd264f9638f869fb76669b2af8be2e134687545a073
- SSDEEP
  
  12288:U4sF+HRf6NFkPcFn00xygoLOk1nqMYqRg7SUqN9z:I+xf6cPcFnBsLOk1nqMJbUsl
Score

1^/10
behavioral1
- Target
  
  Release/loader.exe
- Size
  
  6.5MB
- MD5
  
  5640e7c7fbbfa0134b74865a6d4737ea
- SHA1
  
  82cb4c4440e9e3baab6b75994d94041e66830b3c
- SHA256
  
  55ec88ada55c35967781c12ac60757e8e8f6257357cf5508cf17eca7a8acc123
- SHA512
  
  3acea538d5910aee2faa1c954e927eefa9c606eb35637072e3f06601c5fe91cf95e8d3ca176ae5ecec8b1a1f017da867408a29b0a9e0d4c47085d439ce8a1342
- SSDEEP
  
  196608:AMNTPY7QEbGXqEICteEroXGzlxZV3Gu5D4S26/CS32uTdq:BYkEhEInEroXC14S26Wuxq
Score

7^/10

persistence upx
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy