e4cf2714_extracted

General
Target

e4cf2714_extracted

Size

108KB

Sample

210216-a5wrk4samj

Score
10/10
MD5

8ca266d4d1ce81ab138e70a4736e0a83

SHA1

2e19837c1fdb29a7fd752c677f15da260ef48d41

SHA256

7142ea9e61e8c2b51d58d3745d6609b6c53edf8535de28bbcad79e63bca89a0a

SHA512

0e45c5d709b2aafe636a1c90fc9ef0b6b1f1ea3b2f442d68835bf76778da278c3d2244247b9d049742389efaca73bc5183ab5ef94f51c25bccd8eb866bce4d4e

Malware Config

Extracted

Family warzonerat
C2

137.117.59.51:5200

Targets

Signatures

  • WarzoneRat, AveMaria

    Description

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

  • static1: 10/10
  • behavioral1: 10/10
  • behavioral2: 10/10