General

  • Target

    FortniteEMAIL crackerV2.1.exe

  • Size

    7.6MB

  • Sample

    241110-mx2dhavkhx

  • MD5

    a7c656a19b20ad0eebf4759dba65dc75

  • SHA1

    a0d5445a010b18f2abbc75ab1e7b93df45becf85

  • SHA256

    25a5a87d6c19b43ec68a9cd10b929e7e22376856d144e88a4644867ddb8f543f

  • SHA512

    df181256e575e0cbb70f802f3d72c60e4fc7967a57037fa60ba0784eedc33374b8516c6ea7cd7221a7fe1f5725f739afff0181cdb9031069430e41a02783a5f3

  • SSDEEP

    196608:YZHYNwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jM:wIHziK1piXLGVE4Ue0VJI


Targets

    • Target

      FortniteEMAIL crackerV2.1.exe

    • Size

      7.6MB

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      ��0�,.pyc

    • Size

      1KB

    • MD5

      6e7f9f660ae935a3aba303bed80b1a11

    • SHA1

      e6775d62e6cdb3279e7237845a434a5843c9a655

    • SHA256

      86de8b1f8b6b08d5e3a954c88b441f59813b68c80f3e3e91ca0a74596ada0ef0

    • SHA512

      c509f1f52f8565328288d9e6354bf1e57b7b3d4a703c5ad3fb3b18daeafb2208a566a907c50930e61b2fa21920fd0727c266dc2a28e1c79493ebe283b8b91838

    Score
    1/10

MITRE ATT&CK Enterprise v15
