Overview

overview

10

Static

static

10

cheat fortnite.exe

windows10-2004-x64

8

�sՉh�.pyc

windows10-2004-x64

Resubmissions

13-12-2024 22:16

241213-169yws1qcn 10

13-12-2024 22:14

241213-15v4cazlgz 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cheat fortnite.exe

  • Size

    6.9MB

  • Sample

    241213-15v4cazlgz

  • MD5

    c8241ffaa3c1e6eb10192424e8d2dabb

  • SHA1

    dcf25b0a0b3f1ec681ff71a25d2c9dc0f119dd1d

  • SHA256

    973dc4caf0232f42a06efd4a8695dbb89b3fc8dc974d59cc6cdea34e49967094

  • SHA512

    1b0ba7b8534c214d3ae914d41680f373aa2687c3a8f6bc32dc87aee1164cff151a4ac14aa72a109c30ad5ffd64c11aab90496368be6bb664c56161625fe6b08a

  • SSDEEP

    98304:+SDjWM8JEE1FZqh4KBamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGK:+S0HBeNTfm/pf+xk4dWRpmrbW3jmre

Score
10/10
blankgrabbercollectiondefense_evasiondiscoveryexecutionupx

Malware Config

Targets

    • Target

      cheat fortnite.exe

    • Size

      6.9MB

    • MD5

      c8241ffaa3c1e6eb10192424e8d2dabb

    • SHA1

      dcf25b0a0b3f1ec681ff71a25d2c9dc0f119dd1d

    • SHA256

      973dc4caf0232f42a06efd4a8695dbb89b3fc8dc974d59cc6cdea34e49967094

    • SHA512

      1b0ba7b8534c214d3ae914d41680f373aa2687c3a8f6bc32dc87aee1164cff151a4ac14aa72a109c30ad5ffd64c11aab90496368be6bb664c56161625fe6b08a

    • SSDEEP

      98304:+SDjWM8JEE1FZqh4KBamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGK:+S0HBeNTfm/pf+xk4dWRpmrbW3jmre

    Score
    8/10
    collectiondefense_evasiondiscoveryexecutionupx

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

      collection

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.

      defense_evasion

    • Enumerates processes with tasklist

      discovery

    • Hide Artifacts: Hidden Files and Directories

      defense_evasion

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

    • Target

      �sՉh�.pyc

    • Size

      1KB

    • MD5

      bc8f3cfca4cf492dc36a9132da68d312

    • SHA1

      8a70033589faaa26b5b6cad42607be8f8ff627f3

    • SHA256

      e37f45d8ac4d994babc75a7de4224cdd4a1082168d2af0cb3187b73150efa2ba

    • SHA512

      755ba14c1d85317293c91e7e3bf611c7e78669612d5409485954aee052d5d692b94b87b170187689894a54d3e2656b85a9519a54890e57345248ccde1c8806fe

    Score
    1/10
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks