General

  • Target

    Fortnite Accounts Checker.zip

  • Size

    955KB

  • Sample

    241208-kzkgnatnhq

  • MD5

    ba393826034fdad4c2ad14d37197bd66

  • SHA1

    ac0721c6bd8a0ddccc5ad59bbd8f67651f03b7f8

  • SHA256

    d0ee0124dc4275c78cfdb71ea9b57076a8089a809cec182536bfbffc5c7866ef

  • SHA512

    041baaafbb70046433518d68ee9fbcf2dc124e8a2763a93d28e0f6fa735de1fa9c42c61ba6a98dc3a863d428965c47e665a3d6af20615c16c672fbfd3366bd5b

  • SSDEEP

    24576:ofaRtU7qbT59qPG3JBNq77FzuhmS7RyPLQ:o4Ueb9/HkzsmiIQ

Malware Config

Extracted

Family

redline

Botnet

Diamotrix

C2

176.111.174.140:1912

Targets

    • Target

      Fortnite Accounts Checker.zip

    • Size

      955KB

    • MD5

      ba393826034fdad4c2ad14d37197bd66

    • SHA1

      ac0721c6bd8a0ddccc5ad59bbd8f67651f03b7f8

    • SHA256

      d0ee0124dc4275c78cfdb71ea9b57076a8089a809cec182536bfbffc5c7866ef

    • SHA512

      041baaafbb70046433518d68ee9fbcf2dc124e8a2763a93d28e0f6fa735de1fa9c42c61ba6a98dc3a863d428965c47e665a3d6af20615c16c672fbfd3366bd5b

    • SSDEEP

      24576:ofaRtU7qbT59qPG3JBNq77FzuhmS7RyPLQ:o4Ueb9/HkzsmiIQ

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

      Setting the context of a thread in another process is a common step in process injection (for example process hollowing), where execution is redirected into code the caller has written into that process.

    • Target

      Fortnite Accounts Checker/Fortnite Accounts Checker BY X-SLAYER.exe

    • Size

      1.2MB

    • MD5

      c075245512671da26fbbb19525c2af65

    • SHA1

      9c276b3b50dc3ad9a949fdd825402a080cdb0cdd

    • SHA256

      3ae8dd5945688d850a8fa5524a3c3ec809e9451df7a0e49fb1ec42a2ad9b6df6

    • SHA512

      e88c085f40112beb235e75e1ba17932e820516eb365cdf674571410988aa64ea818dcadfe9cd2617b5e39ca5542cbaf70f7617d675e41bf267c08d449f782d76

    • SSDEEP

      12288:9GWsEMAiYhNDGA1QMlv5As0nGNCo525hcVoU+2dnTLxub24EgUp7NieMRzmWA:9DsEMfYfPhp+2dnTLcb24EgU1oeImWA

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

      Setting the context of a thread in another process is a common step in process injection (for example process hollowing), where execution is redirected into code the caller has written into that process.

    • Target

      Fortnite Accounts Checker/SkinSoft.VisualStyler.dll

    • Size

      964KB

    • MD5

      2d84a619d4bd339f860cb48af0c9b6c8

    • SHA1

      05e520126ee1100c98263bfbd5a6ff0ce6ace4f7

    • SHA256

      365ffde7df914840eb21c96f34c39912a4b031e3814b8e902b67acee6dff65a1

    • SHA512

      bd0c5e8b018ae393a5f2b92b4a10b5b674ca466074d18b4f86b12cbe9a6a520a95323146cb8e5226b1698f14efcc63addf0df421677b7f5ba3c8d94dbcb511d0

    • SSDEEP

      12288:XxIFyaWHyXq7VBnpJnqRAjcHFNdotFYsFjrXhmEBFa:XxIFyaWHyXq7VBnpJnqRAwHsJm

    • Score

      1/10

    • Target

      Fortnite Accounts Checker/xNet.dll

    • Size

      116KB

    • MD5

      3df8d87a482efad957d83819adb3020f

    • SHA1

      f5b710581355ac5d0de7a36446b93533232144db

    • SHA256

      2ac175b4d44245ee8e7aee9cc36df86925ef903d8516f20a2c51d84e35f23da4

    • SHA512

      da28c34a85a6530b1c558fa11b0e71e70710d719cd8ceaf81f954d1fe3927ec139bee6c5f3135425cc5220905240f1a31d831611c46d18f5d52600b607ea59a6

    • SSDEEP

      3072:NWl4rhAigbJ0c1qnV+xnEd44asVyrVfwN5lTCTh3n3F:NWvigbdqnV+xnEd4zsVyJb

    • Score

      1/10
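As an added example (not part of the sandbox report), the following Python triage helper turns this report's indicators into checks a responder can run: it computes the four digests the report lists for a file, looks a SHA256 up against the four files above, flags connections to the extracted C2 in an assumed "ts src:sport -> dst:dport proto" connection-log format, and matches three of the listed behaviours (Run key persistence, Uninstall key enumeration, browser Login Data reads) against event records in an assumed sandbox-trace schema of event, image and target. Every log line and event is constructed for illustration; the registry and file paths are the standard Windows locations and are not taken from the report, which does not list exact keys or files.

```python
"""Triage helper built from the IOCs and behaviours in this report.

Added example, not part of the sandbox report. Hash and C2 values are
copied from the report; all log lines and events below are constructed.
"""
import hashlib
import re

# SHA256 -> file name for the four files listed in the report.
REPORT_SHA256 = {
    "d0ee0124dc4275c78cfdb71ea9b57076a8089a809cec182536bfbffc5c7866ef": "Fortnite Accounts Checker.zip",
    "3ae8dd5945688d850a8fa5524a3c3ec809e9451df7a0e49fb1ec42a2ad9b6df6": "Fortnite Accounts Checker BY X-SLAYER.exe",
    "365ffde7df914840eb21c96f34c39912a4b031e3814b8e902b67acee6dff65a1": "SkinSoft.VisualStyler.dll",
    "2ac175b4d44245ee8e7aee9cc36df86925ef903d8516f20a2c51d84e35f23da4": "xNet.dll",
}
# RedLine C2 from the extracted config.
C2_HOST, C2_PORT = "176.111.174.140", 1912


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists (MD5, SHA1, SHA256, SHA512)."""
    return {algo: hashlib.new(algo, data).hexdigest()
            for algo in ("md5", "sha1", "sha256", "sha512")}


def lookup_sha256(sha256: str):
    """Return the report's file name for a SHA256 (any case), else None."""
    return REPORT_SHA256.get(sha256.strip().lower())


# Constructed connection log; assumed format "ts src:sport -> dst:dport proto".
CONN_LOG = """\
2024-12-08T10:00:01 10.0.0.5:51234 -> 176.111.174.140:1912 tcp
2024-12-08T10:00:02 10.0.0.5:51235 -> 142.250.74.46:443 tcp
2024-12-08T10:00:05 10.0.0.7:49812 -> 176.111.174.140:443 tcp
"""
CONN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+) \w+$")


def find_c2_connections(log: str) -> list:
    """Return (timestamp, source host) for each connection to the C2 host:port.

    A hit on the host alone (e.g. 176.111.174.140:443) is deliberately not
    counted here; review those separately, since the config only names 1912.
    """
    hits = []
    for line in log.splitlines():
        m = CONN_RE.match(line)
        if m and m["dst"] == C2_HOST and int(m["dport"]) == C2_PORT:
            hits.append((m["ts"], m["src"]))
    return hits


# Behaviour rules mirroring the report's signatures. Event kinds follow an
# assumed sandbox-trace schema; the paths are the standard Windows locations
# and are not taken from the report, which does not list exact keys or files.
BEHAVIOUR_RULES = [
    ("Adds Run key to start application", "RegistryValueSet",
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\", re.I)),
    ("Checks installed software on the system", "RegistryQuery",
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall", re.I)),
    ("Reads user/profile data of web browsers", "FileRead",
     re.compile(r"\\User Data\\[^\\]+\\Login Data$", re.I)),
]

MALWARE_IMAGE = r"C:\Users\u\Downloads\Fortnite Accounts Checker BY X-SLAYER.exe"
SAMPLE_EVENTS = [  # constructed for illustration
    {"event": "RegistryValueSet", "image": MALWARE_IMAGE,
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"event": "RegistryQuery", "image": MALWARE_IMAGE,
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"event": "FileRead", "image": MALWARE_IMAGE,
     "target": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"event": "FileRead", "image": r"C:\Windows\explorer.exe",
     "target": r"C:\Users\u\Documents\notes.txt"},
]


def match_behaviours(events: list) -> dict:
    """Map each process image to the report signatures its events trigger."""
    hits = {}
    for ev in events:
        for name, kind, pattern in BEHAVIOUR_RULES:
            if ev["event"] == kind and pattern.search(ev["target"]):
                hits.setdefault(ev["image"], []).append(name)
    return hits


if __name__ == "__main__":
    print(digests(b"abc")["sha256"])
    print(lookup_sha256("D0EE0124DC4275C78CFDB71EA9B57076A8089A809CEC182536BFBFFC5C7866EF"))
    print(find_c2_connections(CONN_LOG))
    for image, sigs in match_behaviours(SAMPLE_EVENTS).items():
        print(image, "->", sigs)
```

The hash lookup is keyed on SHA256 only because MD5 and SHA1 collisions are practical for an attacker who controls the file; the other digests are still computed so they can be compared against the report by hand. The C2 check requires both host and port, which keeps it specific to the extracted config but means a host-only match (the third constructed line) must be triaged separately rather than silently dropped.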

MITRE ATT&CK Enterprise v15

Tasks