warzonerat | 9cd6c84ba5aee64aca1a0e7d17839c3974b965efd4ab83cc0d1deb336793f590 | Triage

Submit
Reports

Overview

overview

Static

static

nope-1.exe

windows7_x64

nope-1.exe

windows10_x64

Sharing

General

Target

nope-1.exe
Size

152KB
Sample

210507-jj4pavpbj2
MD5

49e8a6ee9c5dd808767d4753639bb045
SHA1

63739f2feff8d277d53b9af26df46c77d4088cf6
SHA256

9cd6c84ba5aee64aca1a0e7d17839c3974b965efd4ab83cc0d1deb336793f590
SHA512

8dc55930a566f6efcc365f8a8498aaf93ff609aa98acdbbaee3a4f9716d3da322615cc0366ffcf14b81fc6196b7f8cde982c8ba4d2df874d046db3060ab9af06

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

nope-1.exe

Resource

win7v20210408

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

nope-1.exe

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

149.28.124.150:5200

Targets

- Target
  
  nope-1.exe
- Size
  
  152KB
- MD5
  
  49e8a6ee9c5dd808767d4753639bb045
- SHA1
  
  63739f2feff8d277d53b9af26df46c77d4088cf6
- SHA256
  
  9cd6c84ba5aee64aca1a0e7d17839c3974b965efd4ab83cc0d1deb336793f590
- SHA512
  
  8dc55930a566f6efcc365f8a8498aaf93ff609aa98acdbbaee3a4f9716d3da322615cc0366ffcf14b81fc6196b7f8cde982c8ba4d2df874d046db3060ab9af06
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy