General
Target: DrawingKit.exe
Size: 2.6MB
Sample: 210413-mp9t774whx
MD5: afbbc77f23451f4251297a09759ace85
SHA1: 6be1dfae9a86a0fd7dcfefca2c0f52b17041b152
SHA256: b730bb13134ec777d56a12867d2bca49a1131a49393ab1fa23dcb27a1d3b3cd7
SHA512: f8572e449ec04140a52873c12565f52521e5beafe5312b76422c4b8b91c03cc36652a6eae6a72c7b364bb198538f4bcc1859b23b4d2966869c233284a28350e6
Static task: static1
Behavioral task: behavioral1
Sample: DrawingKit.exe
Resource: win10v20210410
Malware Config
Extracted
warzonerat
cfr.eur-import.com:6021
Targets
Target: DrawingKit.exe
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT written in C++, with multiple plugins, sold as malware-as-a-service (MaaS).
Warzone RAT Payload
Executes dropped EXE
Loads dropped DLL