General
-
Target
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2
-
Size
321KB
-
Sample
201111-4v2dbw71x2
-
MD5
600e0dbaefc03f7bf50abb0def3fb465
-
SHA1
1b5f0ac48e06edc4ed8243be61d71077f770f2b4
-
SHA256
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2
-
SHA512
151eebac8f8f6e72d130114f030f048dff5bce0f99ff8d3a22e8fed7616155b3e87d29acf79f488d6b53ed2c5c9b05b57f76f1f91a568c21fe9bca228efb23d9
Static task
static1
Behavioral task
behavioral1
Sample
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2
-
Size
321KB
-
MD5
600e0dbaefc03f7bf50abb0def3fb465
-
SHA1
1b5f0ac48e06edc4ed8243be61d71077f770f2b4
-
SHA256
61e6a93f43049712b5f2d949fd233fa8015fe4bef01b9e1285d3d87b12f894f2
-
SHA512
151eebac8f8f6e72d130114f030f048dff5bce0f99ff8d3a22e8fed7616155b3e87d29acf79f488d6b53ed2c5c9b05b57f76f1f91a568c21fe9bca228efb23d9
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Suspicious use of SetThreadContext
-