Behavioral task: behavioral1
Sample: Fakz.zip
Resource: win7-20240903-en
General
Target: Fakz.zip
Size: 22KB
MD5: 1ec66394ed0030c48d10196ccc498c6e
SHA1: 1c89fd722bd1be31672a1aba4bfcb09354729917
SHA256: 54cff1f1f65f87805c94865727bdd49425ac64a1f9d9d3b758e933e5928354d8
SHA512: 4615e8ccbe6aba4d6f2ed436c7e061bb962100c7367992ac1105c9ca6de609c80e844969459b035a499f764bf322a3629bcc8d2f2963166a794c217c2f8e2ba9
SSDEEP: 384:NE6hhodYWhY1XXH92vjHj8HpUsoanhetSNSabWfjdfpaiWO0+JH8xTcCqT63t:NlqY1n0rHjMproanhWmKfZfpapp+JH8p
Malware Config
Extracted
asyncrat
0.5.8
Default
127.0.0.1:6606
127.0.0.1:7707
127.0.0.1:8808
GhA6jcKb6Xjr
delay: 3
install: false
install_folder: %AppData%
Signatures
Files
-
Fakz.zip.zip
-
Fakz/PrivateFortniteCheatDONTSHARE.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ