warzonerat | 023823859e196b15112c3e59e6247ceef4001f5a36f0e1383aa63b3b5a1c3aa6 | Triage

Submit
Reports

Overview

overview

Static

static

TT.exe

windows7_x64

TT.exe

windows10_x64

Sharing

General

Target

TT.exe
Size

1.5MB
Sample

210112-2m57cjnpbn
MD5

d074acab7ccb3a5e0991fe9274fdca20
SHA1

dff5ce1faa43bfb7ba8fceeba7d044a7eba37e45
SHA256

023823859e196b15112c3e59e6247ceef4001f5a36f0e1383aa63b3b5a1c3aa6
SHA512

e9a2ed5c89d4230ab5d4613def6e99d41a971e8e4350e9e0e1dc0cf842ea292484f20771b8f8e2278ff5a91b4f9adc59c0585e6c463b2e3a86cabbe16313b576

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

TT.exe

Resource

win7v20201028

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

TT.exe

Resource

win10v20201028

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

185.222.57.213:5200

Targets

- Target
  
  TT.exe
- Size
  
  1.5MB
- MD5
  
  d074acab7ccb3a5e0991fe9274fdca20
- SHA1
  
  dff5ce1faa43bfb7ba8fceeba7d044a7eba37e45
- SHA256
  
  023823859e196b15112c3e59e6247ceef4001f5a36f0e1383aa63b3b5a1c3aa6
- SHA512
  
  e9a2ed5c89d4230ab5d4613def6e99d41a971e8e4350e9e0e1dc0cf842ea292484f20771b8f8e2278ff5a91b4f9adc59c0585e6c463b2e3a86cabbe16313b576
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy