Overview

overview

10

Static

static

3

Fortnite H....0.exe

windows7-x64

10

Fortnite H....0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    119b5e6609d9e4b0d67eaec8c670c4ab3ba957f45fc19918f4e72095cc747dc3

  • Size

    6.0MB

  • Sample

    241110-n8ybnawerm

  • MD5

    701c08fb840db89be985ef127b828372

  • SHA1

    32dd2ca83205a1872d43c720de6f1fdb0c8f3c59

  • SHA256

    119b5e6609d9e4b0d67eaec8c670c4ab3ba957f45fc19918f4e72095cc747dc3

  • SHA512

    aa345a4d2541852e1d871d328872c6e8ff0e197537317998b0827354573958f0b5f893c345eab67f426d0c7764b9613668a83f4125a6eed452fe4512c4ab9834

  • SSDEEP

    196608:jsl4HPj7YyOi97MK1Blgi3VlJHWaFWXGlTlY+o:jslinYyOs7MKzlpnJHyGlTvo

Score
10/10
redlinesectoprat@hensssydiscoveryinfostealerrattrojan

Malware Config

Extracted

Family

redline

Botnet

@hensssy

C2

uspeelayla.xyz:80

Targets

    • Target

      Fortnite Hack v3.0.exe

    • Size

      1.5MB

    • MD5

      fcfde04d923f7cf7ab3fd2386dc86664

    • SHA1

      c38f90e846815800ef9a4a70eeed5ad40b1406d4

    • SHA256

      1c37bb084606972c2b52abd675e81a7ce129fad41d5f684ee459012de7bb2875

    • SHA512

      a45e689eef3b279558204ef9de9c8a68e279155eb62e220279f3f49ced69e3ac136cd6f9717fda1868353c374df04eb0800b3eee19ca3f6997d25e6f2d63af79

    • SSDEEP

      12288:Akvni7EZYZWTehf95eA1Gon0C3RX7aBfn4IfVLbO/2FKG6o:Lizl133

    Score
    10/10
    redlinesectoprat@hensssydiscoveryinfostealerrattrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

      trojanratsectoprat

    • SectopRAT payload

    • Sectoprat family

      sectoprat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks