warzonerat | 0946d711cce7a94dc625022706bec44d99fca09d573fff75f6c06a7e0c7de7e4 | Triage

Submit
Reports

Overview

overview

Static

static

FINANCE_.EXE

windows10_x64

Sharing

General

Target

Finance Quote Carolina Construction Inc 7-9-2021 AA.PDF.img
Size

1.2MB
Sample

210719-3bbgv38aqa
MD5

1b7f33d9cc40e1cb6903d10d72fdcad5
SHA1

b4d56b7e32221e888669854da0a3eea52fb21265
SHA256

0946d711cce7a94dc625022706bec44d99fca09d573fff75f6c06a7e0c7de7e4
SHA512

dda271a74a7ed9bc164b21491d577ceb94b3a42f0b0a677e9533599436671cd9599d4e59e2a3431ebcaf461c856c2b12089cb770378de371ac9cd995f6c93d19

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

FINANCE_.EXE

Resource

win10v20210410

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

kali123.hopto.org:5032

Targets

- Target
  
  FINANCE_.EXE
- Size
  
  614KB
- MD5
  
  2df3526f515a182e2b5422d6d2960c76
- SHA1
  
  3b39abcfb2b6786c77dd88ece3e24472d7bc8355
- SHA256
  
  b9d1bafa088296c48f18d848a550e5e7d44d89823e6e98ce518acb64bc4374db
- SHA512
  
  705ba4690367127878d447ee5fc4c495c804569c0834d773b75f814f8889883834356c956f92506e15e6cbaa179add111eb0d90d5dd3308fccd9f6c46334d976
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy