Static task
static1
General
-
Target
Fortnite_external.exe
-
Size
27.4MB
-
MD5
c4b8db1c15843107a9937497e5bc9cce
-
SHA1
98282fde164b4605887accef7d009be410062df3
-
SHA256
4c90b78cdde35f0ec2b6b248ffdb47aea8bf44bff9cbca5113a6402fa3b6c622
-
SHA512
ed1f45f1c36392c1e645457ab5165f9a97a15089bbf2220d22996c0cc80c427e0d7fc3dc69673f652848a7d3b604bcbce9b467dd4bfb5dd00408304a5f8907a1
-
SSDEEP
393216:Yh2ARMaoU07tR/Z1xtb6l4dEG83GlgnvuFXSD+9GA6G+kq:Yh2ARiX73/XxeUEG8sgmFdrq
Malware Config
Signatures
-
Unsigned PE 1 IoCs
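Checks for a missing Authenticode signature; the file listed below carries none. An unsigned PE is a weak indicator on its own and should be weighed together with the other static findings in this report.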
resource Fortnite_external.exe
Files
-
Fortnite_external.exe.exe windows:6 windows x64 arch:x64
9885bb92ec8d57e00a6b74520092ee82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
WritePrivateProfileStringA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
user32
PeekMessageA
gdi32
DeleteObject
advapi32
GetTokenInformation
shell32
ShellExecuteExA
ole32
CoUninitialize
d3d11
D3D11CreateDeviceAndSwapChain
msvcp140
?_Xout_of_range@std@@YAXPEBD@Z
imm32
ImmGetContext
d3dcompiler_43
D3DCompile
dwmapi
DwmGetColorizationColor
normaliz
IdnToAscii
wldap32
ord143
crypt32
CertOpenStore
ws2_32
freeaddrinfo
shlwapi
StrChrW
rpcrt4
RpcStringFreeA
psapi
GetModuleInformation
userenv
UnloadUserProfile
ntdll
RtlAddFunctionTable
vcruntime140
memset
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
strerror
api-ms-win-crt-heap-l1-1-0
_set_new_mode
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-stdio-l1-1-0
_popen
api-ms-win-crt-string-l1-1-0
strpbrk
api-ms-win-crt-math-l1-1-0
sinf
api-ms-win-crt-convert-l1-1-0
strtoull
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_gmtime64
api-ms-win-crt-filesystem-l1-1-0
_access
api-ms-win-crt-locale-l1-1-0
localeconv
Sections
.text Size: - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 837KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: - Virtual size: 464B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.)\B Size: - Virtual size: 15.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.DPY Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.eSo Size: 27.4MB - Virtual size: 27.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ