General
Target: 41c6594d3fb3d3d38676a2cbe5fd4ca5
Size: 724KB
Sample: 210710-cwyehp2pss
MD5: 41c6594d3fb3d3d38676a2cbe5fd4ca5
SHA1: dbd7e47680f8ead9d36f9ae1dd298d7d16233f76
SHA256: 394b84714c723fe917d65356700c36483a29610251eb06b93fb4a2b0922a68a4
SHA512: 1acb5f58d00ee91d5cdc92c71d669174d9a383ae9864cfaebaa67882c4ebd73daf813bbab5c094995618c3f139beb9aa356f67b09e8b3a8de55134e1473da7a6
Static task: static1
Behavioral task: behavioral1
Sample: 41c6594d3fb3d3d38676a2cbe5fd4ca5.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 41c6594d3fb3d3d38676a2cbe5fd4ca5.exe
Resource: win10v20210410
Malware Config
Extracted
warzonerat
byx.z86.ru:5200
Targets
Target: 41c6594d3fb3d3d38676a2cbe5fd4ca5
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext