General
-
Target
FortniteChecker.rar
-
Size
622KB
-
Sample
250201-fzlx9svjdn
-
MD5
d94f381086d3c569b429d3cf14953cac
-
SHA1
d4f93aa8074b1e251f447cdfafe072c464a43dc3
-
SHA256
b07cd5581b880c8cd56df9ee91e6b312918f84cf1e8e243a60de83f768f7f8e8
-
SHA512
e4f93782157c33c3ad53d4f0f7bd01cb68c3cfd9cc581c888bb31bea11484fd64f98567c1e22e8ee0287e3b71574f038341248544ea06b8fdf706a9c449d7659
-
SSDEEP
12288:Xk8E4Qejx5wuG1+uRN+ATAqEFXWMIEDbCfIAOXb8zE9rS7UGApn+Cq:XkFNyxauPuT0HXLrbC3+HFSIGk+Cq
Malware Config
Targets
-
-
Target
Fortnite Checker.exe
-
Size
883KB
-
MD5
5ff30ec323f9e6ec632ea3b2180a1cbc
-
SHA1
aba95d8f4f7f634170cbad0461a3e6e0a4574059
-
SHA256
d548ea85db4681de9393a4bd8369283db49f9f0525356d15f8ca06259e4fa930
-
SHA512
e990b1de0d4f6c2f830bca0ddea747ab733289f8fc45f2da1b9e20128b9eabb51c8f2ed62ca0346bdbb20ca73b4ab871e2a0298e1f4df9d559d4bbee41cce66c
-
SSDEEP
12288:GToPWBv/cpGrU3ywFm/byWr+5q+LViWdEVr9WoMwtubIwyqd7zw:GTbBv5rU4/b9SDmVr98w009qdHw
Score10/10-
VanillaRat
VanillaRat is an advanced remote administration tool coded in C#.
-
Vanillarat family
-
Vanilla Rat payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-