Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
ReversingLabs: Detection: 50% |
Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF |
Source: |
Binary string: E:\BRONKZ BACKUP 16 02 2024\Loaders C# Bronkz Private Store\Cheat Fortnite\Driver Fortnite Private Store\payson-ioctl-cheat-driver-main\build\driver\driver.pdb source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Code function: 0_2_00007FF603631094 ExFreePoolWithTag,ExAllocatePool,ZwQuerySystemInformation,ExFreePoolWithTag, |
Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Static PE information: invalid certificate |
Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Binary string: \Device\microsoftedge |
Source: classification engine |
Classification label: mal48.winEXE@1/0@0/0 |
Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Static PE information: Image base 0x140000000 > 0x60000000 |
Source: SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG |
Source: all processes |
Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Code function: 0_2_00007FF603631700 cpuid |
Source: C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.20172.29195.exe |
Code function: 0_2_00007FF60363128C RtlGetVersion, |