General
-
Target
RE URGENT!!! 2 x 20ft - SHIPPING DOC BL,SI,INV#462345 MAERSK KLEVEN.rar
-
Size
1021KB
-
Sample
211014-bz272afeg3
-
MD5
7fa3bf29d58333c62fc36bc2ab0fdadf
-
SHA1
2d0d8c185e4ad383c3f9b4e4be9c541385cda01f
-
SHA256
d1ce6205e2058fc13f81a5c14ebcbe2265228be3948aa0545c974335e8561b0b
-
SHA512
dd4d1c99abb4bcbdb4ebcf6c7ed657b34abf95539fb4a6eca2e97e03e79d150e55d104fddb5b8ce1d58c49c00e70f565bd0b3de844ef88b7d2a3c4e04dbe74e0
Static task
static1
Behavioral task
behavioral1
Sample
RE URGENT!!! 2 x 20ft - SHIPPING DOC BL,SI,INV#462345 MAERSK KLEVEN.exe
Resource
win7-en-20210920
Behavioral task
behavioral2
Sample
RE URGENT!!! 2 x 20ft - SHIPPING DOC BL,SI,INV#462345 MAERSK KLEVEN.exe
Resource
win10v20210408
Malware Config
Extracted
warzonerat
bestsuccess.ddns.net:2442
Targets
-
-
Target
RE URGENT!!! 2 x 20ft - SHIPPING DOC BL,SI,INV#462345 MAERSK KLEVEN.exe
-
Size
991KB
-
MD5
afecebe5a5e2394aef67af6eded00288
-
SHA1
446d8e6f515a82457214ea50b4f897684218fbce
-
SHA256
798afa1c705601611bc76eb9420d00072c5c5a7f42f410d11876b772ce71839e
-
SHA512
d7a59556a47efa0e1a16fb48a4d3581dbbddb35ba3ac2e950c6da8cb6292c1dc9840a1b773ab203814d0dba2009d61565a7908ffb68a97323ff99b1f5a15e7e7
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Suspicious use of SetThreadContext
-