warzonerat | 85c02d0cd6412118420143865d77fc24fdc9fcddae292155919aad1270d327ca | Triage

Submit
Reports

Overview

overview

Static

static

Magaza_opi...oc.exe

windows7_x64

Magaza_opi...oc.exe

windows10_x64

Sharing

General

Target

Magaza_opis oferty produktowej_SKCMGCCdoc.exe
Size

35KB
Sample

210630-nyghvp2l2n
MD5

b455358185501ce270f622fa64e60560
SHA1

eb11fece160cc11255541d42ef89c42657cdef67
SHA256

85c02d0cd6412118420143865d77fc24fdc9fcddae292155919aad1270d327ca
SHA512

d7c4c1a0140cddd169e0325c046238dadf253452bac5789f6612d2eb0fb454f0ddefd8ec247b3e5ecf9063f9694e4c70449a9b98243e50ccc14fd22fd809f4e5

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

Magaza_opis oferty produktowej_SKCMGCCdoc.exe

Resource

win7v20210410

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Magaza_opis oferty produktowej_SKCMGCCdoc.exe

Resource

win10v20210408

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

178.170.138.163:4554

Targets

- Target
  
  Magaza_opis oferty produktowej_SKCMGCCdoc.exe
- Size
  
  35KB
- MD5
  
  b455358185501ce270f622fa64e60560
- SHA1
  
  eb11fece160cc11255541d42ef89c42657cdef67
- SHA256
  
  85c02d0cd6412118420143865d77fc24fdc9fcddae292155919aad1270d327ca
- SHA512
  
  d7c4c1a0140cddd169e0325c046238dadf253452bac5789f6612d2eb0fb454f0ddefd8ec247b3e5ecf9063f9694e4c70449a9b98243e50ccc14fd22fd809f4e5
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy