General
-
Target
Naujas užsakymas. 141.exe
-
Size
1.9MB
-
Sample
211005-va4t4saba9
-
MD5
24273d15847409151e621949d6d1f45c
-
SHA1
c1f4fa43e048a44b8b3d48858f8662589e4ea9cf
-
SHA256
932d5ef35aaa8c8c802fa14326ca63e80f3cf2bb7c1a40d52d343f2fc63efc44
-
SHA512
d2ccb22384690e73e900efb1c3faeead7c5d4bf5d334fb53c9a3c4c0bf48cdb26f27e1f9a1835c6cfca0939e4f8b32e042a65edce60c6c8ec4d593e374979662
Static task
static1
Behavioral task
behavioral1
Sample
Naujas užsakymas. 141.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Naujas užsakymas. 141.exe
Resource
win10-en-20210920
Malware Config
Extracted
warzonerat
91.193.75.173:6667
Targets
-
-
Target
Naujas užsakymas. 141.exe
-
Size
1.9MB
-
MD5
24273d15847409151e621949d6d1f45c
-
SHA1
c1f4fa43e048a44b8b3d48858f8662589e4ea9cf
-
SHA256
932d5ef35aaa8c8c802fa14326ca63e80f3cf2bb7c1a40d52d343f2fc63efc44
-
SHA512
d2ccb22384690e73e900efb1c3faeead7c5d4bf5d334fb53c9a3c4c0bf48cdb26f27e1f9a1835c6cfca0939e4f8b32e042a65edce60c6c8ec4d593e374979662
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-