warzonerat | 8a1ceb6687babe6ab82a38ca344d1092a7fc9bd6dbaf3420a3311c50131928ef | Triage

Submit
Reports

Overview

overview

Static

static

JOB-in.lin...sx.exe

windows7_x64

JOB-in.lin...sx.exe

windows10_x64

Sharing

General

Target

JOB-in.line e.K.- Purchase Order 19600396 & 19600397.xlsx.exe
Size

782KB
Sample

210701-nsawm3mcgn
MD5

851835c0488a22e389e2ce7793f3cb02
SHA1

afb6572bc1e6e2f0a76a677bca60b146f50d3bd7
SHA256

8a1ceb6687babe6ab82a38ca344d1092a7fc9bd6dbaf3420a3311c50131928ef
SHA512

60fc9ffca1f2790288bb9dd60ca4a8a5eaff42a48f5a5c6ccb59efb319be862af0b699e71a7d0522cb24a5b36dcd8b9c783d31c7eadee0ebdae9b6e5df836e8e

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

JOB-in.line e.K.- Purchase Order 19600396 & 19600397.xlsx.exe

Resource

win7v20210408

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

JOB-in.line e.K.- Purchase Order 19600396 & 19600397.xlsx.exe

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

13.82.24.228:5918

Targets

- Target
  
  JOB-in.line e.K.- Purchase Order 19600396 & 19600397.xlsx.exe
- Size
  
  782KB
- MD5
  
  851835c0488a22e389e2ce7793f3cb02
- SHA1
  
  afb6572bc1e6e2f0a76a677bca60b146f50d3bd7
- SHA256
  
  8a1ceb6687babe6ab82a38ca344d1092a7fc9bd6dbaf3420a3311c50131928ef
- SHA512
  
  60fc9ffca1f2790288bb9dd60ca4a8a5eaff42a48f5a5c6ccb59efb319be862af0b699e71a7d0522cb24a5b36dcd8b9c783d31c7eadee0ebdae9b6e5df836e8e
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy