warzonerat | 43490180b4583c61964bfaca6cbe9558e885a49b87482f4d326c185667b6ed69 | Triage

Submit
Reports

Overview

overview

Static

static

01_extracted.exe

windows7_x64

01_extracted.exe

windows10_x64

Analysis

max time kernel
146s
max time network
180s
platform
windows7_x64
resource
win7v20210410
submitted
04-06-2021 07:02

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

01_extracted.exe

Resource

win7v20210410

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

01_extracted.exe

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

01_extracted.exe
Size

98KB
MD5

5af35b0b2291bb9e7b75e23db628aeef
SHA1

d7183a55f7c234e9a600cffa738f05e47369c856
SHA256

43490180b4583c61964bfaca6cbe9558e885a49b87482f4d326c185667b6ed69
SHA512

721c27b151c5d4e4df7ad40fcc3001a0a4b971074358748e03508ed55ad3d05abc37552b1036592ef83f46200ffd17ba999298c91efdec90ffafe17080be55d9

Score

10^/10

warzonerat infostealer rat

Malware Config

Signatures

WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
rat infostealer warzonerat

Processes

C:\Users\Admin\AppData\Local\Temp\01_extracted.exe
"C:\Users\Admin\AppData\Local\Temp\01_extracted.exe"
1⤵
PID:736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/736-60-0x00000000757E1000-0x00000000757E3000-memory.dmp

Filesize
8KB

Download
memory/736-61-0x0000000002B30000-0x0000000002BB4000-memory.dmp

Filesize
528KB

Download

© 2018-2024

Terms | Privacy