warzonerat | 6e9730c5ccc9b7ff072f63d7d246906681df04223af0397e2fd1dfd1dab3f925 | Triage

Submit
Reports

Overview

overview

Static

static

930cf1dd_e...ed.exe

windows7_x64

930cf1dd_e...ed.exe

windows10_x64

Analysis

max time kernel
149s
max time network
151s
platform
windows10_x64
resource
win10v20201028
submitted
04-03-2021 18:20

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

930cf1dd_extracted.exe

Resource

win7v20201028

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

930cf1dd_extracted.exe

Resource

win10v20201028

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

930cf1dd_extracted.exe
Size

101KB
MD5

be8047fa3e13b17852b8750a051726f1
SHA1

687e1165f8657f94ffd01d299f4c491fea56aac2
SHA256

6e9730c5ccc9b7ff072f63d7d246906681df04223af0397e2fd1dfd1dab3f925
SHA512

ef9d69cbe3e96dfb0ef6daf29b36b33d2263b7c779ae043d77a335229ab98e50883517e676dc9b91a965430f724686605fcbb334c596e5bcfb48637e40725c29

Score

10^/10

warzonerat infostealer rat

Malware Config

Signatures

WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
rat infostealer warzonerat

Processes

C:\Users\Admin\AppData\Local\Temp\930cf1dd_extracted.exe
"C:\Users\Admin\AppData\Local\Temp\930cf1dd_extracted.exe"
1⤵
PID:1176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy