warzonerat | b730bb13134ec777d56a12867d2bca49a1131a49393ab1fa23dcb27a1d3b3cd7 | Triage

Submit
Reports

Overview

overview

Static

static

1

MedNet

windows10_x64

Sharing

General

Target

DrawingKit.exe
Size

2.6MB
Sample

210413-mp9t774whx
MD5

afbbc77f23451f4251297a09759ace85
SHA1

6be1dfae9a86a0fd7dcfefca2c0f52b17041b152
SHA256

b730bb13134ec777d56a12867d2bca49a1131a49393ab1fa23dcb27a1d3b3cd7
SHA512

f8572e449ec04140a52873c12565f52521e5beafe5312b76422c4b8b91c03cc36652a6eae6a72c7b364bb198538f4bcc1859b23b4d2966869c233284a28350e6

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

DrawingKit.exe

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

cfr.eur-import.com:6021

Targets

- Target
  
  DrawingKit.exe
- Size
  
  2.6MB
- MD5
  
  afbbc77f23451f4251297a09759ace85
- SHA1
  
  6be1dfae9a86a0fd7dcfefca2c0f52b17041b152
- SHA256
  
  b730bb13134ec777d56a12867d2bca49a1131a49393ab1fa23dcb27a1d3b3cd7
- SHA512
  
  f8572e449ec04140a52873c12565f52521e5beafe5312b76422c4b8b91c03cc36652a6eae6a72c7b364bb198538f4bcc1859b23b4d2966869c233284a28350e6
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy