warzonerat | 6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740 | Triage

Submit
Reports

Overview

overview

Static

static

6db5403ea5...40.exe

windows7_x64

6db5403ea5...40.exe

windows10-2004_x64

Sharing

General

Target

6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740
Size

1.8MB
Sample

220625-g228pshbcj
MD5

4b26b9948fbbcf50de765bf2f6d050a2
SHA1

997c16dbcaca77e7b9b2c07815384f71c7960689
SHA256

6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740
SHA512

f963736d3ddb22bafc8af555c0e2a5eed6c2ffaf129b482798cd50163cffe723fcdc3b09d93ae4967225a4e8b673e30ce411d652e99d74fea2902589b7e4ca11

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740.exe

Resource

win7-20220414-en

warzonerat infostealer rat

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740.exe

Resource

win10v2004-20220414-en

warzonerat infostealer rat

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

warzonerat

C2

185.140.53.46:5200

Targets

- Target
  
  6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740
- Size
  
  1.8MB
- MD5
  
  4b26b9948fbbcf50de765bf2f6d050a2
- SHA1
  
  997c16dbcaca77e7b9b2c07815384f71c7960689
- SHA256
  
  6db5403ea553ff7f6bcf709d828d00e8b64b94608b9fbc366097562c9a3a1740
- SHA512
  
  f963736d3ddb22bafc8af555c0e2a5eed6c2ffaf129b482798cd50163cffe723fcdc3b09d93ae4967225a4e8b673e30ce411d652e99d74fea2902589b7e4ca11
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy