warzonerat | 331656a3ed39083ba3a6ba28eb09b5bcef5d57412a5806d74987e2721c987727 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...52.exe

windows7_x64

SecuriteIn...52.exe

windows10_x64

Sharing

General

Target

SecuriteInfo.com.BScope.Exploit.Shellcode.16352
Size

1.6MB
Sample

201022-z4f9raeyl2
MD5

7fe46c0cd8eb73f3d51c17eeda16bdf9
SHA1

bcf63ed0fb12ee13ee35a9cb6d3c468a46bfcf46
SHA256

331656a3ed39083ba3a6ba28eb09b5bcef5d57412a5806d74987e2721c987727
SHA512

3b15ab194620d254cc2ff7a6cb225eadd22ae4f956dad6be42c0375286560c856ce8d7580b1e5f051cef9b977eace97734af665b347055bcc880e75b27f7d92a

Score

10^/10

warzonerat infostealer rat spyware

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.BScope.Exploit.Shellcode.16352.exe

Resource

win7v200722

spyware rat infostealer warzonerat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.BScope.Exploit.Shellcode.16352.exe

Resource

win10

spyware rat infostealer warzonerat

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.BScope.Exploit.Shellcode.16352
- Size
  
  1.6MB
- MD5
  
  7fe46c0cd8eb73f3d51c17eeda16bdf9
- SHA1
  
  bcf63ed0fb12ee13ee35a9cb6d3c468a46bfcf46
- SHA256
  
  331656a3ed39083ba3a6ba28eb09b5bcef5d57412a5806d74987e2721c987727
- SHA512
  
  3b15ab194620d254cc2ff7a6cb225eadd22ae4f956dad6be42c0375286560c856ce8d7580b1e5f051cef9b977eace97734af665b347055bcc880e75b27f7d92a
Score

10^/10

spyware rat infostealer warzonerat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- JavaScript code in executable
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

spywareratinfostealerwarzonerat

behavioral2

spywareratinfostealerwarzonerat

© 2018-2024

Terms | Privacy