warzonerat | 14e98f487bcb81ea810e155c7917d298d4ebbc674c795439a1cfa3775f85a679 | Triage

Submit
Reports

Overview

overview

Static

static

Fattura di errore.exe

windows7_x64

3

Fattura di errore.exe

windows10_x64

Sharing

General

Target

Fattura di errore.exe
Size

958KB
Sample

210408-hdycvwlcge
MD5

6546bd083796d7fa2f20246a4bffc82b
SHA1

06d4a96dae07bf99da76cc57585eae0dca31053c
SHA256

14e98f487bcb81ea810e155c7917d298d4ebbc674c795439a1cfa3775f85a679
SHA512

9da93507ae7c83cf85486dc4dd82f3389088622105e0c9da3c0d436f543f8050b992222efccc335ae66d9ba1db5d99d080d9a07fc70bb7d6522ef22c5ffa2784

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

Fattura di errore.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Fattura di errore.exe

Resource

win10v20201028

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

104.209.133.4:7500

Targets

- Target
  
  Fattura di errore.exe
- Size
  
  958KB
- MD5
  
  6546bd083796d7fa2f20246a4bffc82b
- SHA1
  
  06d4a96dae07bf99da76cc57585eae0dca31053c
- SHA256
  
  14e98f487bcb81ea810e155c7917d298d4ebbc674c795439a1cfa3775f85a679
- SHA512
  
  9da93507ae7c83cf85486dc4dd82f3389088622105e0c9da3c0d436f543f8050b992222efccc335ae66d9ba1db5d99d080d9a07fc70bb7d6522ef22c5ffa2784
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy