Overview

overview

10

Static

static

sb.exe

windows7_x64

10

sb.exe

windows10_x64

10

Analysis

  • max time kernel
    116s
  • max time network
    119s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    28-09-2021 09:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sb.exe

  • Size

    1.6MB

  • MD5

    e310cb3185d95e3dda42f0230b569d84

  • SHA1

    c20c8aa953f7df7e9b117258a0d31530e23ffc55

  • SHA256

    82867648313483db4a6115e0cc2b34c06719ffdb6667e50e625e2dc130adfbca

  • SHA512

    a0c4a70bc09ea2eb36a1a27af65891d866beec07a1c21208e0b05e549d3d2f7619bef9012dab9e121e53a6a1a56d642bfb5435520292dd879e30f4db71789bbd

Score
10/10
warzoneratinfostealerrat

Malware Config

Extracted

Family

warzonerat

C2

cachepallioniwarznpa.icu:5200

Signatures

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

Processes

  • C:\Users\Admin\AppData\Local\Temp\sb.exe
    "C:\Users\Admin\AppData\Local\Temp\sb.exe"
    1⤵
      PID:2072

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2072-115-0x0000000000680000-0x00000000007DD000-memory.dmp
      Filesize

      1.4MB

      Download
    • memory/2072-119-0x0000000002A40000-0x0000000003440000-memory.dmp
      Filesize

      10.0MB

      Download