General
-
Target
nope.exe
-
Size
323KB
-
Sample
210507-1w99nmsxwx
-
MD5
05cb7c989fa115270895dbadf7598a1b
-
SHA1
cfa9ac127090cc5826a6e7b6e2b13cceb82ba751
-
SHA256
dbdfbca2dcc01a530cd7c449500dc0f6b564c11f9ed9dc8d746709a235d6826f
-
SHA512
849c96876d37043a95f828ac3587b2049c0217d826f07724330f6d8d9a613868ff79352da8b74078101796d2ddf62037544db8faa680bf77ebdbd6c034fbdca9
Static task
static1
Behavioral task
behavioral1
Sample
nope.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
nope.exe
Resource
win10v20210410
Malware Config
Extracted
warzonerat
149.28.124.150:5200
Targets
-
-
Target
nope.exe
-
Size
323KB
-
MD5
05cb7c989fa115270895dbadf7598a1b
-
SHA1
cfa9ac127090cc5826a6e7b6e2b13cceb82ba751
-
SHA256
dbdfbca2dcc01a530cd7c449500dc0f6b564c11f9ed9dc8d746709a235d6826f
-
SHA512
849c96876d37043a95f828ac3587b2049c0217d826f07724330f6d8d9a613868ff79352da8b74078101796d2ddf62037544db8faa680bf77ebdbd6c034fbdca9
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Executes dropped EXE
-
Loads dropped DLL
-