General
-
Target
decoded-1.exe
-
Size
152KB
-
Sample
210115-5zhmfq7rpa
-
MD5
5d49b53ae5acb1bf240d07a476725e8e
-
SHA1
6aa1e6da21a513f989a819b29889a005604f3153
-
SHA256
561e01008bd45fa4233aff08700b9d1dd4fda7fb24d68925ad0ef3f77dc96163
-
SHA512
a4fb6d703a6aa60bf3747cd98604eb22ad491fd53f80d702c74c43018abc7f5e0f5c073fd1f48b5828614e10e56fe9b852231bd51bec49a36e5af244c38a9813
Static task
static1
Behavioral task
behavioral1
Sample
decoded-1.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
decoded-1.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
decoded-1.exe
-
Size
152KB
-
MD5
5d49b53ae5acb1bf240d07a476725e8e
-
SHA1
6aa1e6da21a513f989a819b29889a005604f3153
-
SHA256
561e01008bd45fa4233aff08700b9d1dd4fda7fb24d68925ad0ef3f77dc96163
-
SHA512
a4fb6d703a6aa60bf3747cd98604eb22ad491fd53f80d702c74c43018abc7f5e0f5c073fd1f48b5828614e10e56fe9b852231bd51bec49a36e5af244c38a9813
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-