Extracted

• • Target

    Quotation-Request.exe

  • Size

    282KB

  • MD5

    4e3cfd2f0ab3148901ba7e33a1ba8ee3

  • SHA1

    324c353ceb28f6134333e9b794cb0b8e03e9a1e6

  • SHA256

    a3eb95be23a44e65540fda0d8b3114f98be79d63818cb42ef9472cafaa24e472

  • SHA512

    6f40d01c1eb1276075baf4cafcb7234992a2a4d9fa7b0b7787d8676bcd5c93736b36c9c77a145c721886fd75ccd65e862f0c3d2eba00641e9837f134ca22cef8

  Score

  10^/10

  warzoneratinfostealerratspywarestealer

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

  • Warzone RAT Payload

    rat

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2