warzonerat | 0288f149c280ae5dc3a27ab06b9cfc41582635226b9759e1aebe4d3e641074b4 | Triage

Submit
Reports

Overview

overview

Static

static

SCB_MT103_...DF.exe

windows7_x64

SCB_MT103_...DF.exe

windows10_x64

Sharing

General

Target

SCB_MT103_31951R2105050031_200505.PDF.exe
Size

919KB
Sample

210505-k45gppneh6
MD5

cf3e6f4dd1b47b5e9f09f9b1165bb519
SHA1

68a1a10ad6b7eaa3d95b7eabefb53097cd44845f
SHA256

0288f149c280ae5dc3a27ab06b9cfc41582635226b9759e1aebe4d3e641074b4
SHA512

ac7c777dd47373c5a69c56e0948781c77a18731b630916ebbdae354f32ffd05c7e569f6d2b78fc61d4babc7537cf0126fa28c83246a2d2a75fcf499d36628148

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

SCB_MT103_31951R2105050031_200505.PDF.exe

Resource

win7v20210410

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SCB_MT103_31951R2105050031_200505.PDF.exe

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

157.55.136.23:5300

Targets

- Target
  
  SCB_MT103_31951R2105050031_200505.PDF.exe
- Size
  
  919KB
- MD5
  
  cf3e6f4dd1b47b5e9f09f9b1165bb519
- SHA1
  
  68a1a10ad6b7eaa3d95b7eabefb53097cd44845f
- SHA256
  
  0288f149c280ae5dc3a27ab06b9cfc41582635226b9759e1aebe4d3e641074b4
- SHA512
  
  ac7c777dd47373c5a69c56e0948781c77a18731b630916ebbdae354f32ffd05c7e569f6d2b78fc61d4babc7537cf0126fa28c83246a2d2a75fcf499d36628148
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy