warzonerat | 1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf
Size

405KB
Sample

211005-rt2mbaacfj
MD5

900b1c9abbab7a08f9f89b8e12fd2750
SHA1

7e21e44ae28aa91a77771901675ec23f9e81f26e
SHA256

1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf
SHA512

890a0f440dc795090548039a82c29f0a6b0f61fc4d9e00dde785ae4d72b7c9f5801d67b1e0d8a30185eb13e5ef2798cd68b1d92c6c1b73a44eb12c03ed1f8ac8

Score

10^/10

warzonerat infostealer rat spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf.exe

Resource

win10-en-20210920

warzonerat infostealer rat spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

telegrammylink.ddns.net:7754

Targets

- Target
  
  1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf
- Size
  
  405KB
- MD5
  
  900b1c9abbab7a08f9f89b8e12fd2750
- SHA1
  
  7e21e44ae28aa91a77771901675ec23f9e81f26e
- SHA256
  
  1142c903a0559833481d199320d433f99a4599db90d4ba0db736a39a8729c7bf
- SHA512
  
  890a0f440dc795090548039a82c29f0a6b0f61fc4d9e00dde785ae4d72b7c9f5801d67b1e0d8a30185eb13e5ef2798cd68b1d92c6c1b73a44eb12c03ed1f8ac8
Score

10^/10

warzonerat infostealer rat spyware stealer
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

warzoneratinfostealerratspywarestealer

© 2018-2024

Terms | Privacy