warzonerat | 6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
Size

468KB
Sample

211019-kk7cwafdh3
MD5

d26d6378054ebb19f2b241722304c9ad
SHA1

0888dbbb5170d82bbff12fa68c70d4d0ec4d7d1b
SHA256

6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
SHA512

3f43c1b27d1f7e19f95b25a2ee7b3695aee3a7cf2c0b77ba15f2ee62b50a30ca2aec2c287573d17ab20144b78a98ae1a7f2eee4cc3232d4bc8a052b2cb965d33

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155.exe

Resource

win10-en-20210920

warzonerat infostealer rat

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

152.67.253.163:5300

Targets

- Target
  
  6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
- Size
  
  468KB
- MD5
  
  d26d6378054ebb19f2b241722304c9ad
- SHA1
  
  0888dbbb5170d82bbff12fa68c70d4d0ec4d7d1b
- SHA256
  
  6eba12f646eaa800404cc49e96ddabbb73478712145b220971d9a21b97e54155
- SHA512
  
  3f43c1b27d1f7e19f95b25a2ee7b3695aee3a7cf2c0b77ba15f2ee62b50a30ca2aec2c287573d17ab20144b78a98ae1a7f2eee4cc3232d4bc8a052b2cb965d33
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy