General

  • Target

    d6074382_extracted

  • Size

    112KB

  • Sample

    210304-hetk99hqts

  • MD5

    6b342c76af2c4205063f4d76b9c2fe68

  • SHA1

    583f234be15cdd8c31829d868ad42803f7a08201

  • SHA256

    16acc86554ff774922480a72e3689c90c24ee3da46e15ae48bf9cbae95fc9a47

  • SHA512

    47030b0f0c94d4192dd50c7f691cf7c2914183a7001e18c2a0425d3c1ed45242a8f2edadd7838c6dfa5643abea59be0ce2cb9253cc0660a82c506b17cb7bffed

Malware Config

Extracted

  • Family

    warzonerat

  • C2

    20.185.199.35:5800

Targets

    • Target

      d6074382_extracted

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT, developed in C++ with multiple plugins, that is sold as malware-as-a-service (MaaS).
