warzonerat | 561e01008bd45fa4233aff08700b9d1dd4fda7fb24d68925ad0ef3f77dc96163 | Triage

Submit
Reports

Overview

overview

Static

static

decoded-1.exe

windows7_x64

decoded-1.exe

windows10_x64

Sharing

General

Target

decoded-1.exe
Size

152KB
Sample

210115-5zhmfq7rpa
MD5

5d49b53ae5acb1bf240d07a476725e8e
SHA1

6aa1e6da21a513f989a819b29889a005604f3153
SHA256

561e01008bd45fa4233aff08700b9d1dd4fda7fb24d68925ad0ef3f77dc96163
SHA512

a4fb6d703a6aa60bf3747cd98604eb22ad491fd53f80d702c74c43018abc7f5e0f5c073fd1f48b5828614e10e56fe9b852231bd51bec49a36e5af244c38a9813

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

decoded-1.exe

Resource

win7v20201028

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

decoded-1.exe

Resource

win10v20201028

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  decoded-1.exe
- Size
  
  152KB
- MD5
  
  5d49b53ae5acb1bf240d07a476725e8e
- SHA1
  
  6aa1e6da21a513f989a819b29889a005604f3153
- SHA256
  
  561e01008bd45fa4233aff08700b9d1dd4fda7fb24d68925ad0ef3f77dc96163
- SHA512
  
  a4fb6d703a6aa60bf3747cd98604eb22ad491fd53f80d702c74c43018abc7f5e0f5c073fd1f48b5828614e10e56fe9b852231bd51bec49a36e5af244c38a9813
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy