warzonerat | 1b239419c0f7b8b7fee565928beaaee9c32d0897a1f4948f72a7a5339fd60b31 | Triage

Submit
Reports

Overview

overview

Static

static

SHIPPING DOCUMENT.exe

windows7_x64

SHIPPING DOCUMENT.exe

windows10_x64

Resubmissions

19-01-2021 19:03

210119-pz5pj1n8mx 10

19-01-2021 13:10

210119-acqakxycrn 10

Sharing

General

Target

SHIPPING DOCUMENT.exe
Size

894KB
Sample

210119-acqakxycrn
MD5

df83820db281080e66e57ca20f2b7f45
SHA1

eaf95598907bbcfc067ea97529661e849e369600
SHA256

1b239419c0f7b8b7fee565928beaaee9c32d0897a1f4948f72a7a5339fd60b31
SHA512

092c428ec3aea82ca1c278d334147aedd347713bca6fcfe3f5035a2890031a9159038df36c3ea9812d059530edc7b953326c6c601cd09e8bbf16fc763b10c2fc

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

SHIPPING DOCUMENT.exe

Resource

win7v20201028

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SHIPPING DOCUMENT.exe

Resource

win10v20201028

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

40.84.216.183:7600

Targets

- Target
  
  SHIPPING DOCUMENT.exe
- Size
  
  894KB
- MD5
  
  df83820db281080e66e57ca20f2b7f45
- SHA1
  
  eaf95598907bbcfc067ea97529661e849e369600
- SHA256
  
  1b239419c0f7b8b7fee565928beaaee9c32d0897a1f4948f72a7a5339fd60b31
- SHA512
  
  092c428ec3aea82ca1c278d334147aedd347713bca6fcfe3f5035a2890031a9159038df36c3ea9812d059530edc7b953326c6c601cd09e8bbf16fc763b10c2fc
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy