General
-
Target
crat.exe
-
Size
526KB
-
Sample
210507-1p5wygcxxa
-
MD5
51f96dfcb6d8ea6422b9bba50ccd31ac
-
SHA1
698657bce5870929f55ffd6a8d10e2a4a5be90ae
-
SHA256
f9ca14fcdffeb48b11ea026812ac0a7dc941f27e0c1384dc8e9b83b18de4c2a7
-
SHA512
ecee48b1e55e099c52d4b8e73544260d03f1c749321ff13150068dcebd1a575a93fbc7c5f7ad1a0ab1bffdb566a36757f9810df332110621ed3d5d600641bc18
Static task
static1
Behavioral task
behavioral1
Sample
crat.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
crat.exe
Resource
win10v20210410
Malware Config
Extracted
warzonerat
149.28.124.150:5200
Targets
-
-
Target
crat.exe
-
Size
526KB
-
MD5
51f96dfcb6d8ea6422b9bba50ccd31ac
-
SHA1
698657bce5870929f55ffd6a8d10e2a4a5be90ae
-
SHA256
f9ca14fcdffeb48b11ea026812ac0a7dc941f27e0c1384dc8e9b83b18de4c2a7
-
SHA512
ecee48b1e55e099c52d4b8e73544260d03f1c749321ff13150068dcebd1a575a93fbc7c5f7ad1a0ab1bffdb566a36757f9810df332110621ed3d5d600641bc18
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Executes dropped EXE
-
Loads dropped DLL
-