General
-
Target
LETTER.JACKSON HEALTH ORGANIZATION.exe
-
Size
918KB
-
Sample
210505-h57f1jsare
-
MD5
ec4fb9bcd4d0f04bf52462fc9251fab1
-
SHA1
d7fb12bd1f18910586fbdf63b7520474044c06c2
-
SHA256
5b109baf5c27b68041f902d867bdde2a260cddbea90ecccb09037751ab2bd032
-
SHA512
c3e8f9a92e7331d38f52b28600ddfa98c6da595bd694bb94f00cc98e9d6b9e744db15eae46a4b77a7212767d1574ede0396203c53faa01e4bc016c1269c81369
Static task
static1
Behavioral task
behavioral1
Sample
LETTER.JACKSON HEALTH ORGANIZATION.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
LETTER.JACKSON HEALTH ORGANIZATION.exe
Resource
win10v20210410
Malware Config
Extracted
warzonerat
esureforme100.myddns.rocks:9321
Targets
-
-
Target
LETTER.JACKSON HEALTH ORGANIZATION.exe
-
Size
918KB
-
MD5
ec4fb9bcd4d0f04bf52462fc9251fab1
-
SHA1
d7fb12bd1f18910586fbdf63b7520474044c06c2
-
SHA256
5b109baf5c27b68041f902d867bdde2a260cddbea90ecccb09037751ab2bd032
-
SHA512
c3e8f9a92e7331d38f52b28600ddfa98c6da595bd694bb94f00cc98e9d6b9e744db15eae46a4b77a7212767d1574ede0396203c53faa01e4bc016c1269c81369
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-