Documento de envio.exe

General
Target

Documento de envio.exe

Size

982KB

Sample

210722-qg15vkfqvx

Score

10/10
MD5

0fcc784f9400be0d78104a0043ee4479

SHA1

65cac3bdb71487d6e14480ade6397347289e047b

SHA256

864b531c5f5a397b3fd2a8aa91c83f956d93300db9c986bfa7ae4744d7cb732f

SHA512

b32a5475f7ec76dc88201383616e712d867757de39525ac5cda21536c5144e82fb3fe4b08f5024678823e8e1ca7bd8ffea0cbbeab8845636adb6e11e1fd1c975

Malware Config

Extracted

Family

warzonerat

C2

juner234.ddns.net:6397

Targets
Target

Documento de envio.exe


Signatures

  • WarzoneRat, AveMaria

    Description

    WarzoneRat is a native RAT written in C++, with multiple plugins, sold as malware-as-a-service (MaaS).

  • Loads dropped DLL

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1

  • behavioral1: 3/10

  • behavioral2: 10/10