warzonerat | 73636c36105a615c2babd121de083162ffd3e52c38e6dfaf8b8ee28221d4e9fe | Triage

Submit
Reports

Overview

overview

Static

static

New_List01...45.exe

windows7_x64

New_List01...45.exe

windows10-2004_x64

Sharing

General

Target

73636c36105a615c2babd121de083162ffd3e52c38e6dfaf8b8ee28221d4e9fe
Size

395KB
Sample

220521-n6pxhahhcl
MD5

bdfce7d0a970c894caecd0a59f877e3c
SHA1

898185e4939181f2bc33eb74b11466e3166025c0
SHA256

73636c36105a615c2babd121de083162ffd3e52c38e6dfaf8b8ee28221d4e9fe
SHA512

a7014fab9182329b01c96f5e66ee21fd7e5919144e6eb8625f30362c97844820402917d1bc3f44c1894bcbf9b30239f847d5734b55bcb5dcde475150c8b8c4e8

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

New_List017082020202029202928737345.exe

Resource

win7-20220414-en

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

New_List017082020202029202928737345.exe

Resource

win10v2004-20220414-en

warzonerat infostealer rat

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

wapt.myhome-server.de:1050

Targets

- Target
  
  New_List017082020202029202928737345.exe
- Size
  
  442KB
- MD5
  
  303a7cc9d0af7ae7f0e4ce444aa17519
- SHA1
  
  938347effe8c859dc2e43e06f0990abc951b4ab4
- SHA256
  
  73df1ac5611ee275686b92c037d16dd00097eaa16bb2ceeea92d56e1bda1bd00
- SHA512
  
  5688f4d63fe15060ba32553f2592ad216fe93805de91e6478fefde18fe02051bef09e91b6cc82c35cad60f75daed179f0a32b3c8068d14c6ef8fd9c1542452ff
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy