General

  • Target

    FortnitePizza.exe

  • Size

    24.3MB

  • Sample

    250425-bsyk9s1ps8

  • MD5

    fc69a9c00ed7f6b585e4829853bd8923

  • SHA1

    ca845c20ae84ed8d4816c40e6909f998d3db0c5f

  • SHA256

    809d0e4a7c8b979bede028a151031d0da55f4be72b46e57b3500cb8d629d2901

  • SHA512

    905b97c37e34cbaa265c66f760d08c91a347aa449845a54eb05b1cff651859f757c23a5123548e6ac5a2ea954754f007766fe956a17cccb5af354d09e4a7774a

  • SSDEEP

    393216:+6B6e3OA4q6T3XuMDmi3XAu5ouCYzASfV4A3mDDDy/WTALOg8BOZ98B:CAx6iMDmi3XAu5ouCZMBOg8cZI

Score
10/10

Targets

    • Target

      FortnitePizza.exe

    Score
    10/10
    • Detect ZGRat V2

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Zgrat family

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
