General
Target: Finance Quote Carolina Construction Inc 7-9-2021 AA.PDF.img
Size: 1.2MB
Sample: 210719-3bbgv38aqa
MD5: 1b7f33d9cc40e1cb6903d10d72fdcad5
SHA1: b4d56b7e32221e888669854da0a3eea52fb21265
SHA256: 0946d711cce7a94dc625022706bec44d99fca09d573fff75f6c06a7e0c7de7e4
SHA512: dda271a74a7ed9bc164b21491d577ceb94b3a42f0b0a677e9533599436671cd9599d4e59e2a3431ebcaf461c856c2b12089cb770378de371ac9cd995f6c93d19
Static task: static1
Behavioral task: behavioral1
Sample: FINANCE_.EXE
Resource: win10v20210410
Malware Config
Extracted
warzonerat
kali123.hopto.org:5032
Targets
Target: FINANCE_.EXE
Size: 614KB
MD5: 2df3526f515a182e2b5422d6d2960c76
SHA1: 3b39abcfb2b6786c77dd88ece3e24472d7bc8355
SHA256: b9d1bafa088296c48f18d848a550e5e7d44d89823e6e98ce518acb64bc4374db
SHA512: 705ba4690367127878d447ee5fc4c495c804569c0834d773b75f814f8889883834356c956f92506e15e6cbaa179add111eb0d90d5dd3308fccd9f6c46334d976
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Warzone RAT Payload
Loads dropped DLL