warzonerat | 808471efa1f93a3e6a70c762b8e6d980258c40bb3a6f6aacb08486e64e1ae18f | Triage

Submit
Reports

Overview

overview

Static

static

b214cee84b...9a.exe

windows7_x64

b214cee84b...9a.exe

windows10_x64

Sharing

General

Target

b214cee84b16aeb61636a83879b2fc9a
Size

412KB
Sample

210709-asfsmfp4ye
MD5

b214cee84b16aeb61636a83879b2fc9a
SHA1

b496aef57c8b1712c7e16abb098c20d544e2c639
SHA256

808471efa1f93a3e6a70c762b8e6d980258c40bb3a6f6aacb08486e64e1ae18f
SHA512

cb3999ed5bfc7164770fbf34d947154a124dedaef59f95d543b0a3ec6d3f9063bbacb94650564f78158e05b3b0cee5e99770970c909a3f29ab924ccd46c1fe67

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

b214cee84b16aeb61636a83879b2fc9a.exe

Resource

win7v20210410

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b214cee84b16aeb61636a83879b2fc9a.exe

Resource

win10v20210408

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

147.124.213.132:5200

Targets

- Target
  
  b214cee84b16aeb61636a83879b2fc9a
- Size
  
  412KB
- MD5
  
  b214cee84b16aeb61636a83879b2fc9a
- SHA1
  
  b496aef57c8b1712c7e16abb098c20d544e2c639
- SHA256
  
  808471efa1f93a3e6a70c762b8e6d980258c40bb3a6f6aacb08486e64e1ae18f
- SHA512
  
  cb3999ed5bfc7164770fbf34d947154a124dedaef59f95d543b0a3ec6d3f9063bbacb94650564f78158e05b3b0cee5e99770970c909a3f29ab924ccd46c1fe67
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy