warzonerat | c5d7cbbe95c1ee46f8e76cd859295e56376a2b8985c2f50355e50fd966f05cd4 | Triage

Submit
Reports

Overview

overview

Static

static

T31597760-...01.exe

windows7_x64

T31597760-...01.exe

windows10_x64

Sharing

General

Target

T31597760-Confirm-20210520-100016-Email-1574401.exe
Size

1006KB
Sample

210521-pe5lsmj8vn
MD5

8addb03660ac849d116990b2c3f4bad8
SHA1

f47dc617f55d4f8e7a06cc729b08ed1a5f2f518e
SHA256

c5d7cbbe95c1ee46f8e76cd859295e56376a2b8985c2f50355e50fd966f05cd4
SHA512

9a676bd4abe764dd774de5b678333af00211a7a0e7266054368697f35cb48a6df377f7d40eb1edc92a6e937028d9241ee29a40f4dd7a40fddebffe1811b5e93a

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

T31597760-Confirm-20210520-100016-Email-1574401.exe

Resource

win7v20210410

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

T31597760-Confirm-20210520-100016-Email-1574401.exe

Resource

win10v20210408

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

157.55.136.23:5300

Targets

- Target
  
  T31597760-Confirm-20210520-100016-Email-1574401.exe
- Size
  
  1006KB
- MD5
  
  8addb03660ac849d116990b2c3f4bad8
- SHA1
  
  f47dc617f55d4f8e7a06cc729b08ed1a5f2f518e
- SHA256
  
  c5d7cbbe95c1ee46f8e76cd859295e56376a2b8985c2f50355e50fd966f05cd4
- SHA512
  
  9a676bd4abe764dd774de5b678333af00211a7a0e7266054368697f35cb48a6df377f7d40eb1edc92a6e937028d9241ee29a40f4dd7a40fddebffe1811b5e93a
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy