General
Target: Gulfood 2021 Purchase order 403 urgent spec.tar.gz
Size: 349KB
Sample: 211202-qqn2dahaaq
MD5: 7b31bd3c88f283ba078f6917b444c711
SHA1: 5be048f4ed6dee6d13ae71533ff3c86c24ae058d
SHA256: 7ae7d148ef1f7ce42b9d4ef546c7b34c4c1e9f501d48d7358cb3995cd5150c23
SHA512: 918f36ead0925603840dd810048a975b980709af98ca9a98e2261d15ad71d5a0e61189583016522a8d32674f74f5bc24a2f465aed6d2b397105a5f6bac302036
Static task: static1
Behavioral task: behavioral1
Sample: Gulfood 2021 Purchase order 403 urgent spec.exe
Resource: win7-en-20211104
Behavioral task: behavioral2
Sample: Gulfood 2021 Purchase order 403 urgent spec.exe
Resource: win10-en-20211014
Malware Config
Extracted
warzonerat
engkaa.ddns.net:4545
Targets
Target: Gulfood 2021 Purchase order 403 urgent spec.exe
Size: 499KB
MD5: efa77006bd3d523a9de2826543caa98a
SHA1: 1899a95a182cbcae4e02b9e9ab554d64f2f3e104
SHA256: 4741cd3af6f59f70eec833fed1b15217d5aca476df66da7e641b73ebcc6da91f
SHA512: 2eea5126ed89a77cc314d32a62fd1d17bca4163e5c9c6abca3572d4d931974a565b5cb3a162a8364d05507d3a6ea0ca4a9e8be47bf124b25fe0528ec9e3494a9
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Warzone RAT Payload
Loads dropped DLL
Accesses Microsoft Outlook profiles