General
-
Target
60bb544289cfeb878cf212268ad90d9b.exe
-
Size
113KB
-
Sample
210721-bylkdsywh6
-
MD5
60bb544289cfeb878cf212268ad90d9b
-
SHA1
894de031e4cd521c10739650d56d8527c66b6655
-
SHA256
88172a45ab45c79f77b1a560dea8fcbb0ca7db792ca3d77e513e190dffc2a7f0
-
SHA512
e39c040150665f18e2638436e62f2efd282e5c8945b18ae7ab5fb506db6178892525478e38a6269c2e0dead296eaaf189052e3b15743afedbd93eb71790134e6
Static task
static1
Behavioral task
behavioral1
Sample
60bb544289cfeb878cf212268ad90d9b.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
60bb544289cfeb878cf212268ad90d9b.exe
Resource
win10v20210410
Malware Config
Extracted
warzonerat
trenchesrelax.duckdns.org:302
Targets
-
-
Target
60bb544289cfeb878cf212268ad90d9b.exe
-
Size
113KB
-
MD5
60bb544289cfeb878cf212268ad90d9b
-
SHA1
894de031e4cd521c10739650d56d8527c66b6655
-
SHA256
88172a45ab45c79f77b1a560dea8fcbb0ca7db792ca3d77e513e190dffc2a7f0
-
SHA512
e39c040150665f18e2638436e62f2efd282e5c8945b18ae7ab5fb506db6178892525478e38a6269c2e0dead296eaaf189052e3b15743afedbd93eb71790134e6
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Executes dropped EXE
-
Loads dropped DLL
-