General
-
Target
FortniteEMAIL crackerV2.1.exe
-
Size
7.6MB
-
Sample
241110-mx2dhavkhx
-
MD5
a7c656a19b20ad0eebf4759dba65dc75
-
SHA1
a0d5445a010b18f2abbc75ab1e7b93df45becf85
-
SHA256
25a5a87d6c19b43ec68a9cd10b929e7e22376856d144e88a4644867ddb8f543f
-
SHA512
df181256e575e0cbb70f802f3d72c60e4fc7967a57037fa60ba0784eedc33374b8516c6ea7cd7221a7fe1f5725f739afff0181cdb9031069430e41a02783a5f3
-
SSDEEP
196608:YZHYNwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jM:wIHziK1piXLGVE4Ue0VJI
Behavioral task
behavioral1
Sample
FortniteEMAIL crackerV2.1.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
FortniteEMAIL crackerV2.1.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
��0�,.pyc
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
��0�,.pyc
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
FortniteEMAIL crackerV2.1.exe
-
Size
7.6MB
-
MD5
a7c656a19b20ad0eebf4759dba65dc75
-
SHA1
a0d5445a010b18f2abbc75ab1e7b93df45becf85
-
SHA256
25a5a87d6c19b43ec68a9cd10b929e7e22376856d144e88a4644867ddb8f543f
-
SHA512
df181256e575e0cbb70f802f3d72c60e4fc7967a57037fa60ba0784eedc33374b8516c6ea7cd7221a7fe1f5725f739afff0181cdb9031069430e41a02783a5f3
-
SSDEEP
196608:YZHYNwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jM:wIHziK1piXLGVE4Ue0VJI
-
Command and Scripting Interpreter: PowerShell
Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Clipboard Data
Adversaries may collect data stored in the clipboard from users copying information within or between applications.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Enumerates processes with tasklist
-
-
-
Target
��0�,.pyc
-
Size
1KB
-
MD5
6e7f9f660ae935a3aba303bed80b1a11
-
SHA1
e6775d62e6cdb3279e7237845a434a5843c9a655
-
SHA256
86de8b1f8b6b08d5e3a954c88b441f59813b68c80f3e3e91ca0a74596ada0ef0
-
SHA512
c509f1f52f8565328288d9e6354bf1e57b7b3d4a703c5ad3fb3b18daeafb2208a566a907c50930e61b2fa21920fd0727c266dc2a28e1c79493ebe283b8b91838
Score1/10 -
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
3Credentials In Files
3