e6259f36_extracted

General
Target

e6259f36_extracted

Size

108KB

Sample

210216-lh4ln84a5s

Score
10 /10
MD5

e197332d64013cee8f527f0785b0f088

SHA1

7b8db8824ab5e8da0aa9ee2785b019b646d6dbaa

SHA256

5fbfaab4910754b7372e12ad09c1d3d18759bf1badd6710fa3cea08aa3abe302

SHA512

b0f3725f476e2d29ded2afaf2a056eee0dc3cd0b676f41d48236fcae9cb0b3f93aa56d2fe72ba9a06d6ff9887e9a0d2dceb0a2927576a5c17ebbce7ed1c81444

Malware Config

Extracted

Family warzonerat
C2

168.61.222.215:5400

Targets
Target

e6259f36_extracted

MD5

e197332d64013cee8f527f0785b0f088

Filesize

108KB

Score
10 /10
SHA1

7b8db8824ab5e8da0aa9ee2785b019b646d6dbaa

SHA256

5fbfaab4910754b7372e12ad09c1d3d18759bf1badd6710fa3cea08aa3abe302

SHA512

b0f3725f476e2d29ded2afaf2a056eee0dc3cd0b676f41d48236fcae9cb0b3f93aa56d2fe72ba9a06d6ff9887e9a0d2dceb0a2927576a5c17ebbce7ed1c81444

Tags

Signatures

  • WarzoneRat, AveMaria

    Description

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    Tags

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          10/10

                          behavioral1

                          10/10

                          behavioral2

                          10/10