General
Target
Fortnite Hack Aimbot.bin.zip
Size
1.3MB
MD5
9e3696efc1e3974843e005df01403763
SHA1
43b7bb515b787b74c1b55d2a6a6365998db4afbd
SHA256
e2e337221dd17fbea9c46f185dc171e63f56f4cf51f5f8bfee38e1af886edd34
SHA512
820195cb97a3bd89e3ea7c27080de4709fb5b45c8ae4df7c94a091afe91164d1ee97212a7c679cfeadb29239a614282c28dde4b8413d687057ac141dd9086231
SSDEEP
24576:RhBRkDsssh1NrkLTZN5cEuB5++GQq2v97QkpJzPTgXmoaEmOdpqr+TSuPC:RhvkDssshjiTjqB0+GQqgpJrsWoaEdwR
Malware Config
Signatures
Detects Fredy Stealer Payload (1 IoC)
Fredy Stealer is an infostealer written in C++.
resource yara_rule static1/unpack001/Fortnite Hack Aimbot.bin family_fredy
Fredy family
resource yara_rule static1/unpack001/Fortnite Hack Aimbot.bin aspack_v212_v242
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource unpack001/Fortnite Hack Aimbot.bin
Files
Fortnite Hack Aimbot.bin.zip.zip
Password: infected
Fortnite Hack Aimbot.bin.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 940KB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 402KB - Virtual size: 404KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 10KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 57KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE