UAC bypass

WarzoneRat, AveMaria

WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

Windows security bypass

XpertRAT

XpertRAT is a remote access trojan with various capabilities.

XpertRAT Core Payload

NirSoft MailPassView

Password recovery tool for various email clients

NirSoft WebBrowserPassView

Password recovery tool for various web browsers

Nirsoft

Warzone RAT Payload

Adds policy Run key to start application

Downloads MZ/PE file

Executes dropped EXE

Sets DLL path for service in the registry

UPX packed file

Detects executables packed with UPX/modified UPX open source packer.