General
-
Target
6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
-
Size
468KB
-
Sample
211019-kk7cwafdh3
-
MD5
d26d6378054ebb19f2b241722304c9ad
-
SHA1
0888dbbb5170d82bbff12fa68c70d4d0ec4d7d1b
-
SHA256
6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
-
SHA512
3f43c1b27d1f7e19f95b25a2ee7b3695aee3a7cf2c0b77ba15f2ee62b50a30ca2aec2c287573d17ab20144b78a98ae1a7f2eee4cc3232d4bc8a052b2cb965d33
Static task
static1
Behavioral task
behavioral1
Sample
6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155.exe
Resource
win10-en-20210920
Malware Config
Extracted
warzonerat
152.67.253.163:5300
Targets
-
-
Target
6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
-
Size
468KB
-
MD5
d26d6378054ebb19f2b241722304c9ad
-
SHA1
0888dbbb5170d82bbff12fa68c70d4d0ec4d7d1b
-
SHA256
6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
-
SHA512
3f43c1b27d1f7e19f95b25a2ee7b3695aee3a7cf2c0b77ba15f2ee62b50a30ca2aec2c287573d17ab20144b78a98ae1a7f2eee4cc3232d4bc8a052b2cb965d33
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT Payload
-
Suspicious use of SetThreadContext
-