248f1bccc6433a7c02c16d8b90caa3b7d053a6e4cc906c416cdf41a3677fe04b | Triage

Sharing

General

Target

Fortnite-Tools-Pack.zip
Size

91.2MB
Sample

250325-pgfg7swsd1
MD5

b0f746d7ed3e8339b209e5ed82d064f3
SHA1

e9756f1b576d2944a763a47e054cc760e8bf8b86
SHA256

248f1bccc6433a7c02c16d8b90caa3b7d053a6e4cc906c416cdf41a3677fe04b
SHA512

f24f8ed01f43ca38a6b8dd20f31774cec7b126aaf990cc10e6048ec8febfefecd17496a4fc52cd139d045b6521de9d1184bc9b5f063f0c9efbabfcc9f324a2e5
SSDEEP

786432:VTWulMAEjrIRNtpW21P8YdvAxVsvCACHtMG:VTOAEAP7kVsvCVD

Score

7^/10

agilenet discovery

Malware Config

Targets

- Target
  
  AIO Giftcard Generator by Acquire\AIOgenerator by Acquire.exe
- Size
  
  284KB
- MD5
  
  04142f894c394b262245746d3a9fd3ad
- SHA1
  
  368803226a985ff2faf6b02c38fa7f706df49ad1
- SHA256
  
  8dd6477fa8e19f220f167310d2961b7c2a223ed46dd883164913fcac480e8350
- SHA512
  
  4324a8796baf5a701ff49c1d1361433c49042bc4a67b2708c8f4f16e6c8aa9cc62c6d0b6bd7ca66bbf855b629fb805035f05f78deae48d2baae91f7667a8c711
- SSDEEP
  
  6144:5/fUcZlwn55vjiieFHDi+DZUdHDgKhnoUlYN30AUcq7o:CK2n/NeFHDHCDno0YN30AUcq7o
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  AIO Giftcard Generator by Acquire\Qt5CoreVBox.bin
- Size
  
  1.8MB
- MD5
  
  26f56121184843056f1d6e6db3f9844b
- SHA1
  
  f8d6c767cab3be5e55608cc5abd30a4c383759e9
- SHA256
  
  3ad26e1c16b6f49c6136c0c1c02c5943437349a310a6bcc5a8a0f4924a6f4ae4
- SHA512
  
  13a0898a6780f474ab4ffe8e46ca0227f03f2c4d26daaf4b61862eb7374a65d887b96a8672f21247e7f3aac4c49cce77521dd1564983b52f8716219aff894b9d
- SSDEEP
  
  24576:2m3hIqxIdAtLA0Q9xtPUf0ZOxGI3ffWgR5vuv54Jdhx76g:2gWaW9xthIXWgR5vuv54Jdhx7n
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  AIO Giftcard Generator by Acquire\bin32.lib
- Size
  
  275KB
- MD5
  
  b9352fa2d673bf124116ba9e5639956e
- SHA1
  
  f511f3b653fc0a7a3e49d1cc58c21c9a53fcf79b
- SHA256
  
  58a0b8c13f085a3181fecc5d97cdfe5e35892af6b4b31d79657fc88512bb520d
- SHA512
  
  eea7bd7ff2023e2239b6d5a5ba96d4ecdab4217ecdd6f7403947aa09b1dd54db533bde3b8ef2256cdb720086754c716842bf98810c135b4d72f281dfe5dd48df
- SSDEEP
  
  6144:1PXVt3l07qcbU0ddapOpVXMpUvRz1Kxudx:FFt3lQbU05pm2z1KxY
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  AIO Giftcard Generator by Acquire\core.cfg
- Size
  
  60.8MB
- MD5
  
  6fc1f551548e78b308b40b803eed893d
- SHA1
  
  6c39dab84699aca9b11fdfaf2faf554283bfa7f8
- SHA256
  
  4f8f41defc38a510c0b8c37a6f6f253d1250e99770a746d0dd4d1abd5d523597
- SHA512
  
  1111dbc16d50cec4b4661e7f6e3ac187bab0203ef50dce1149120c247ec3e1bb7b4fd7fc1c1790ae285de6da74c2bcec4ebf4de6423ae719e4cd1004412dfd24
- SSDEEP
  
  393216:su4EJVLu58rLUUqC6euQ96MjSluRizWs07ySsuB6xahl7YwbUfIW21nKNXCcZFUe:VHSC9MkW3xahl7PW21nQIbh+N5N
Score

1^/10
behavioral7 behavioral8
- Target
  
  Combo Editor Sexitor by Calina\AlphaFS.lib
- Size
  
  275KB
- MD5
  
  b9352fa2d673bf124116ba9e5639956e
- SHA1
  
  f511f3b653fc0a7a3e49d1cc58c21c9a53fcf79b
- SHA256
  
  58a0b8c13f085a3181fecc5d97cdfe5e35892af6b4b31d79657fc88512bb520d
- SHA512
  
  eea7bd7ff2023e2239b6d5a5ba96d4ecdab4217ecdd6f7403947aa09b1dd54db533bde3b8ef2256cdb720086754c716842bf98810c135b4d72f281dfe5dd48df
- SSDEEP
  
  6144:1PXVt3l07qcbU0ddapOpVXMpUvRz1Kxudx:FFt3lQbU05pm2z1KxY
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Combo Editor Sexitor by Calina\Colorful.Console.dll
- Size
  
  88KB
- MD5
  
  5f3d2cfbc21591b8feef1efa3e59a4d0
- SHA1
  
  15d1ad963a13b6c8ae28c26e7dc1cc3da2bc3bb8
- SHA256
  
  f31d4fd7e729fc6cf4ecab972b6b1ee897918a325b1ca572030966f831e768fb
- SHA512
  
  05135188c3b75cf642e4e1e833d01c24d2ce2c2b1ae71b0edf048e453a4716226d7af582365d2f6ab803b4b0fe83ce67d4c39125963fc50d597c30e56ae74a2f
- SSDEEP
  
  1536:hLeJYLqthWMjfBiRlijZFgWHdQe9nLClbWG:hxLqtQMv7d9nLqCG
Score

1^/10
behavioral11 behavioral12
- Target
  
  Combo Editor Sexitor by Calina\Newtonsoft.Json.dll
- Size
  
  659KB
- MD5
  
  4df6c8781e70c3a4912b5be796e6d337
- SHA1
  
  cbc510520fcd85dbc1c82b02e82040702aca9b79
- SHA256
  
  3598cccad5b535fea6f93662107a4183bfd6167bf1d0f80260436093edc2e3af
- SHA512
  
  964d9813e4d11e1e603e0a9627885c52034b088d0b0dfa5ac0043c27df204e621a2a654445f440ae318e15b1c5fea5c469da9e6a7350a787fef9edf6f0418e5c
- SSDEEP
  
  12288:rktg1lrjC8rjICqbwNjR4xq7iiX19K7Df/SoOKQrIB+jfP:rggD7PIEjR4xq7iiXTK7D3So9AIB+jn
Score

1^/10
behavioral13 behavioral14
- Target
  
  Combo Editor Sexitor by Calina\Sexitor.exe
- Size
  
  218KB
- MD5
  
  30b901d912687b60320d97fb916afd3d
- SHA1
  
  704cba332df8d48eeee9263b880773b806a4eb83
- SHA256
  
  6966e27f091f7a31fffb0e6c44fc12a56fc8f942e96328ac1e726b333a839f3a
- SHA512
  
  a3982810cafa2d1d88903aaef583a2f69b473bc22251cdb682b83ea7fd6d753f213d177aaac916d78f74d01b122f481a61c2c7cbcfc01abc8b7c6892c7bd0e58
- SSDEEP
  
  6144:M/iUMZXwnThvjiYeFHDi+DZUdHDgKh7o97cq7o:E6AnhXeFHDHCD7opcq7o
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  Combo Editor Sexitor by Calina\TrinitySeal.dll
- Size
  
  304KB
- MD5
  
  0788cb32d5eb03916c701e0d18e25a74
- SHA1
  
  760162267263322208b979b587fa5d65dd997fec
- SHA256
  
  ea8e5043fce2ea44dfa01bff4336babc27e12dd0cb8509bbd1f3d1d2f98713b0
- SHA512
  
  875e369ce7a97dc061745e8c3b30099c3771f44b88359e56999fe09649e4d6458d1389d29defad62e4f398d95293a1e698d728390e4419f7409fd01c5e14b4dd
- SSDEEP
  
  6144:+Af3+mh/e+Z9f6Vg7yfFi55nyfep86fK5t9iVSHpVgMhX/tXm0jg7aO:BPZ9f6VFfFkykK5yV8pqMhvtXm0OaO
Score

1^/10
behavioral17 behavioral18
- Target
  
  Combo Editor Sexitor by Calina\WThreads.dll
- Size
  
  5KB
- MD5
  
  304955c2b674ee9c7be115feeff079a0
- SHA1
  
  4d732e2733e521c2369389f073ec9d998b58ba8f
- SHA256
  
  bbccee6275024f2609a3f38e8a22641bfa4b22a2e7628bf3d127c06c8d4ee068
- SHA512
  
  ce2895aea1c84422e42c57e2c1b91b4ce8f1b53af1318024b8fcbf1fc1a5bf009776132f721bfc300a0b6ead18fc769c1e65d145820ac3b91ef1c21250dfaff4
- SSDEEP
  
  48:65GPylYD75ZlJqy5RX8uIlkxceoM2DTD8f0VNMPpfEv/cE06FCnsixTyEXtaAlag:1Jqy5R+DUYTD8Medmw6FssXOM
Score

1^/10
behavioral19 behavioral20
- Target
  
  Combo Editor Sexitor by Calina\d3dcompiler_47.cfg
- Size
  
  1.8MB
- MD5
  
  26f56121184843056f1d6e6db3f9844b
- SHA1
  
  f8d6c767cab3be5e55608cc5abd30a4c383759e9
- SHA256
  
  3ad26e1c16b6f49c6136c0c1c02c5943437349a310a6bcc5a8a0f4924a6f4ae4
- SHA512
  
  13a0898a6780f474ab4ffe8e46ca0227f03f2c4d26daaf4b61862eb7374a65d887b96a8672f21247e7f3aac4c49cce77521dd1564983b52f8716219aff894b9d
- SSDEEP
  
  24576:2m3hIqxIdAtLA0Q9xtPUf0ZOxGI3ffWgR5vuv54Jdhx76g:2gWaW9xthIXWgR5vuv54Jdhx7n
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Combo Editor Sexitor by Calina\strip.dll
- Size
  
  177KB
- MD5
  
  93714595cfefec610976eefc2effcf5e
- SHA1
  
  3e90981b88d3007ba259d54d89004332c6c53324
- SHA256
  
  9259bf827bdfdde527bcf741d72ed890a9d5b4573e405e29e63caeb355b0f1d4
- SHA512
  
  83741cd5eb677fcd38fa54d11f3a37b79b4030b5b96457746ad20c7afa21d4ca3905efd2ac12623ed7f1d7fcd8a38d199227c05b7fe642e79cf7e7fe1cc1f89f
- SSDEEP
  
  3072:Bvel0Ldv7MAb8jaApdmzMsLmDa8EPXOvDcnw2ws4ozMqBl:Be2vwQ8Lp4QsiSw2ws4+
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral23 behavioral24
- Target
  
  Fortnite Checker by Burnwood\Fortnite Checker BW.exe
- Size
  
  482KB
- MD5
  
  47195a1409c12b69ab16e54d7384d7da
- SHA1
  
  a118a440006f07c65a5bed614e2f2a0311f59ae8
- SHA256
  
  65bbe881ecad501d055bb6141b112f2e2cba641a542ee1658a778e3f2ad3db23
- SHA512
  
  56752d716967d0c9963a2220590e44b6044421631c739c51474007bd8fac55a84a8aa71c984e3a6c495bb195cb21072e8036b6a3f3ddc87cc50747e00ad04c12
- SSDEEP
  
  6144:Z/fUyZ+wnOpvjiweFHDi+DZUdHDgKhvo3Wcq7o:igBnyveFHDHCDvoGcq7o
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral25 behavioral26
- Target
  
  Fortnite Checker by Burnwood\bin32.bin
- Size
  
  275KB
- MD5
  
  b9352fa2d673bf124116ba9e5639956e
- SHA1
  
  f511f3b653fc0a7a3e49d1cc58c21c9a53fcf79b
- SHA256
  
  58a0b8c13f085a3181fecc5d97cdfe5e35892af6b4b31d79657fc88512bb520d
- SHA512
  
  eea7bd7ff2023e2239b6d5a5ba96d4ecdab4217ecdd6f7403947aa09b1dd54db533bde3b8ef2256cdb720086754c716842bf98810c135b4d72f281dfe5dd48df
- SSDEEP
  
  6144:1PXVt3l07qcbU0ddapOpVXMpUvRz1Kxudx:FFt3lQbU05pm2z1KxY
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Fortnite Checker by Burnwood\database32.dll
- Size
  
  298KB
- MD5
  
  fea57faef28d8ecc9e304aeed30d7865
- SHA1
  
  086c05ec752c450cb1f55b23b93a0d9031e222b4
- SHA256
  
  d6290b0adb56d7519214be9f40c8f12978fab6db11192a899521ed88dcde5827
- SHA512
  
  873b1f42e0ca0ba55eaca3fdee22a181cd20fd241acdc781e5773e4676fc17d7b96ed651af1ba4ccbd91c0234314206440e744661592865d56930d212a376211
- SSDEEP
  
  768:xOI5FfeJnKKyJLRBdWdKuv4nlui5FcuXW6V:/FfeJnpyl3cEW6V
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Fortnite Checker by Burnwood\libcef.lib
- Size
  
  1.8MB
- MD5
  
  26f56121184843056f1d6e6db3f9844b
- SHA1
  
  f8d6c767cab3be5e55608cc5abd30a4c383759e9
- SHA256
  
  3ad26e1c16b6f49c6136c0c1c02c5943437349a310a6bcc5a8a0f4924a6f4ae4
- SHA512
  
  13a0898a6780f474ab4ffe8e46ca0227f03f2c4d26daaf4b61862eb7374a65d887b96a8672f21247e7f3aac4c49cce77521dd1564983b52f8716219aff894b9d
- SSDEEP
  
  24576:2m3hIqxIdAtLA0Q9xtPUf0ZOxGI3ffWgR5vuv54Jdhx76g:2gWaW9xthIXWgR5vuv54Jdhx7n
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32