General
-
Target
SecuriteInfo.com.BScope.Exploit.Shellcode.16352
-
Size
1.6MB
-
Sample
201022-z4f9raeyl2
-
MD5
7fe46c0cd8eb73f3d51c17eeda16bdf9
-
SHA1
bcf63ed0fb12ee13ee35a9cb6d3c468a46bfcf46
-
SHA256
331656a3ed39083ba3a6ba28eb09b5bcef5d57412a5806d74987e2721c987727
-
SHA512
3b15ab194620d254cc2ff7a6cb225eadd22ae4f956dad6be42c0375286560c856ce8d7580b1e5f051cef9b977eace97734af665b347055bcc880e75b27f7d92a
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BScope.Exploit.Shellcode.16352.exe
Resource
win7v200722
Behavioral task
behavioral2
Sample
SecuriteInfo.com.BScope.Exploit.Shellcode.16352.exe
Resource
win10
Malware Config
Targets
-
-
Target
SecuriteInfo.com.BScope.Exploit.Shellcode.16352
-
Score
10/10
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
JavaScript code in executable
-