General
Target: PAYMENT DOC.exe
Size: 274KB
Sample: 211013-nsv7csdghn
MD5: 55d99749553fb93316b66f480c35d7d1
SHA1: 27cad4666afbaa3b9730929fcc7cfe5d8f0999b6
SHA256: 3fac732646ab12565cfd2dbdab89d71b26fad16db25a6143dfb11bf6da3bce26
SHA512: b8e4c7617d2077fd425fca7b81bbf709030127cb034a86cc7bd797c535682c1f3be53070438594e75c23915012a24655b6cfd226d34120c9cbf9fa0ff9701aa3
Static task: static1
Behavioral task: behavioral1
Sample: PAYMENT DOC.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: PAYMENT DOC.exe
Resource: win10-en-20210920
Malware Config
Extracted
warzonerat
136.144.41.66:5200
Targets
Target: PAYMENT DOC.exe
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
- Loads dropped DLL
- Accesses Microsoft Outlook profiles