General
-
Target
catalogue_2021_samples_list_revised.exe
-
Size
1.3MB
-
Sample
210111-aqdyfdq4t6
-
MD5
e273cbf8e92730099ee6eec6a983872e
-
SHA1
61ff93049d83312f75dfb46ff3cf928a10950a5a
-
SHA256
8fa012cc7bebb93ce19f2d74819faccf7ce9d7aad53c65373432d794726506e5
-
SHA512
2dffe3d810b494b31c5adef6641a104b4937c265340fffd5441a8c3cbd20808848c2e3ff66dfcd97651592e2c74be148abd1a11963050d4b430785ef8cc97aed
Static task
static1
Behavioral task
behavioral1
Sample
catalogue_2021_samples_list_revised.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
catalogue_2021_samples_list_revised.exe
Resource
win10v20201028
Malware Config
Extracted
warzonerat
52.146.42.226:5600
Targets
-
-
Target
catalogue_2021_samples_list_revised.exe
Score
10/10
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Suspicious use of SetThreadContext
-