General

  • Target

    FortniteBurger_v2.zip

  • Size

    4.3MB

  • Sample

    250601-1x8dpsar7z

  • MD5

    ef936f6aa31bc25b4afb7f3f5649efd6

  • SHA1

    2ff02efe29509bdfe4237b008829699accd5ef46

  • SHA256

    172906ab91a1463f9165f4d1776dc1fff7889f9f6e6cb589715f708d1245c561

  • SHA512

    43dba3e46f892156fb9c738bda6a87637892f862edaa447ef2aa4ea7da926d09b3fb46dcaa70452650da113dab76ba6fec33318c697e79135834001d88e58ddc

  • SSDEEP

    98304:DgQJUvRDbziTvgtn1UGOKQYN13xIAPKINBXFmW73d/on+V+ZygZIcREZ:D7ERDvWYh+GOyHiAPKIo6d/on+V+Zygo

Score
10/10

Malware Config

Targets

    • Target

      FortniteBurger_v2.exe

    • Size

      12.1MB

    • MD5

      ab3c04c57b45c6cf7c26e29927bf08bb

    • SHA1

      d90b3ee235deaa17d040a765903d746109496e9b

    • SHA256

      56301ff6ca34d34ebfa22c32c3410fe9a60182bd23361f2b8730bd39d3cc9cef

    • SHA512

      88ca9e04b21a0190eb8679ce9dab1caf8946bb10715b7c745506587ea4ad6f53d1dd07e9995c6a85d7663ef0ab24f9905dacd747e4109855fc91495fda937be2

    • SSDEEP

      98304:6iT+P9qm/Y3mDDDy/WTAjM7iHbaldePP84H+4jcFYT1iJFz8tgPC:6i2A3mDDDy/WTALOg8o+9qpiJFz8tgC

    Score
    10/10
    • Detect ZGRat V2

    • ZGRat

ZGRat is a remote access trojan written in C#.

    • Zgrat family

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger
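The report lists hashes for both the archive and the executable it drops, so a practitioner checking a suspect file against it needs to hash the container and every member of it, without ever extracting the payload to disk. The script below is an added example, not part of the report or of the sandbox that produced it. The MD5/SHA1/SHA256 values are copied from the report; the ZIP and its inner `.exe` are constructed stand-ins, so they will not match those values, and SSDEEP is left out because it needs a third-party module.

```python
import hashlib
import io
import zipfile

# Hash values copied from the report above (MD5/SHA1/SHA256 only; SSDEEP needs the
# third-party ssdeep module and is deliberately left out of this offline example).
REPORTED = {
    "FortniteBurger_v2.zip": {
        "md5": "ef936f6aa31bc25b4afb7f3f5649efd6",
        "sha1": "2ff02efe29509bdfe4237b008829699accd5ef46",
        "sha256": "172906ab91a1463f9165f4d1776dc1fff7889f9f6e6cb589715f708d1245c561",
    },
    "FortniteBurger_v2.exe": {
        "md5": "ab3c04c57b45c6cf7c26e29927bf08bb",
        "sha1": "d90b3ee235deaa17d040a765903d746109496e9b",
        "sha256": "56301ff6ca34d34ebfa22c32c3410fe9a60182bd23361f2b8730bd39d3cc9cef",
    },
}

ALGOS = ("md5", "sha1", "sha256", "sha512")
DEFAULT_MAX_MEMBER = 64 << 20  # 64 MiB cap on any single archive member

# Constructed stand-in for the dropped executable: a fake MZ header plus filler.
# It is NOT the real sample, so its hashes will not match REPORTED.
SAMPLE_PAYLOAD = b"MZ" + b"\x90" * 62 + b"constructed placeholder payload\n"


def hash_bytes(data):
    """Return lowercase hex digests of the four algorithms the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGOS}


def hash_file(path, chunk_size=1 << 20):
    """Stream a file from disk through all four hashers (for multi-MB samples)."""
    hashers = {algo: hashlib.new(algo) for algo in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(hashes, reported=REPORTED):
    """List (reported_name, algo) pairs whose reported value equals a computed one.
    Matching is by hash value only; the file name inside the archive is untrusted."""
    hits = []
    for reported_name, known in reported.items():
        for algo, value in known.items():
            if hashes.get(algo) == value.lower():
                hits.append((reported_name, algo))
    return hits


def hash_archive_members(zip_bytes, max_member=DEFAULT_MAX_MEMBER):
    """Hash every file inside a ZIP in memory, without extracting to disk.
    Both the declared size (forgeable) and the real decompressed size are capped,
    which also stops a zip bomb from exhausting memory."""
    members = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > max_member:
                members[info.filename] = {"skipped": "declared size over limit"}
                continue
            with zf.open(info) as fh:
                data = fh.read(max_member + 1)
            if len(data) > max_member:
                members[info.filename] = {"skipped": "decompressed size over limit"}
                continue
            members[info.filename] = hash_bytes(data)
    return members


def triage(zip_bytes, reported=REPORTED, max_member=DEFAULT_MAX_MEMBER):
    """Hash the container and each member and match all of them against the IOCs."""
    container = hash_bytes(zip_bytes)
    result = {"container": {"hashes": container, "hits": match_iocs(container, reported)},
              "members": {}}
    for name, member in hash_archive_members(zip_bytes, max_member).items():
        if "skipped" in member:
            result["members"][name] = member
        else:
            result["members"][name] = {"hashes": member, "hits": match_iocs(member, reported)}
    return result


def build_sample_zip():
    """Constructed archive mirroring the report's layout: one .exe inside a .zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("FortniteBurger_v2.exe", SAMPLE_PAYLOAD)
    return buf.getvalue()


if __name__ == "__main__":
    # Real use: triage(open("FortniteBurger_v2.zip", "rb").read()); a hit on any
    # algorithm means the file is the sample analysed above.
    for name, entry in triage(build_sample_zip())["members"].items():
        print(name, entry.get("hits", entry.get("skipped")))
```

Matching is done on hash values alone because the member name is attacker-controlled, and the inner executable is hashed straight from the decompressor so the dropper is never written where it could be double-clicked. The size cap is checked twice: the central directory's declared size can be forged, so the real decompressed length is enforced as well.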

MITRE ATT&CK Enterprise v16

Tasks