General
-
Target
TOA Vietnam Co. Ltd - Inquiry Note from 26.07.2021.exe
-
Size
1.4MB
-
Sample
210726-fbd7nssq66
-
MD5
219ba6bac5cb35641e76ffdee2f97fbc
-
SHA1
4eb1887fc7de7552c674c5501de8776c5175de3f
-
SHA256
ac9a96be003388d497db4755c9ca68a2725c901fdec82b942b4fb84683490b01
-
SHA512
fff2cef9f701e5f1fa50e93e05bc13c13313815b151e9e31ff719d5b13a20d7437544efe001ad4a6745532c408e3adb42e512aaae4858d35e6bc9f18b864a9f3
Static task
static1
Behavioral task
behavioral1
Sample
TOA Vietnam Co. Ltd - Inquiry Note from 26.07.2021.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
TOA Vietnam Co. Ltd - Inquiry Note from 26.07.2021.exe
Resource
win10v20210410
Malware Config
Extracted
warzonerat
185.222.57.73:4557
Targets
-
-
Target
TOA Vietnam Co. Ltd - Inquiry Note from 26.07.2021.exe
-
Size
1.4MB
-
MD5
219ba6bac5cb35641e76ffdee2f97fbc
-
SHA1
4eb1887fc7de7552c674c5501de8776c5175de3f
-
SHA256
ac9a96be003388d497db4755c9ca68a2725c901fdec82b942b4fb84683490b01
-
SHA512
fff2cef9f701e5f1fa50e93e05bc13c13313815b151e9e31ff719d5b13a20d7437544efe001ad4a6745532c408e3adb42e512aaae4858d35e6bc9f18b864a9f3
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
suricata: ET MALWARE Possible Malicious Macro DL EXE Feb 2016
-
Warzone RAT Payload
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-