General
Target: PO data file from project 029452.exe
Size: 544KB
Sample: 211203-enjs4aecdq
MD5: a977e0f159c0a6574c3274a1db5b7a67
SHA1: 404e0e4a03baca74ec0ec08543917dcc1ce3a187
SHA256: 3e52503cc1b664efb9fa89c2bed4adff5d460bffbe0dba536363edb5cda1c603
SHA512: 7e5b8badab27963316865f92a8ca1ee323f0efcc03035cfa731cf9ed268a074d191004eaff08857ad89a9cee4fbf56fee93417f1f0caac77ea72518c3d55571e
Static task: static1
Behavioral task: behavioral1
Sample: PO data file from project 029452.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: PO data file from project 029452.exe
Resource: win10-en-20211104
Malware Config
Extracted
warzonerat
engkaa.ddns.net:4545
Targets
Target: PO data file from project 029452.exe
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT written in C++, with multiple plugins, sold as malware-as-a-service (MaaS).
Warzone RAT Payload
Loads dropped DLL
Accesses Microsoft Outlook profiles