warzonerat | cae3b302e9608344b27619da824f86861d614bbb9e5f468fc76becf8b7225e8b | Triage

Submit
Reports

Overview

overview

Static

static

RFQ#0472022.exe

windows7-x64

RFQ#0472022.exe

windows10-2004-x64

Sharing

General

Target

87e4c8830bafd2d717ebcb08d0c67020
Size

248KB
Sample

220804-1bdxzacbgl
MD5

87e4c8830bafd2d717ebcb08d0c67020
SHA1

b2c0ab9fb245bd7971e627172317126491060d45
SHA256

cae3b302e9608344b27619da824f86861d614bbb9e5f468fc76becf8b7225e8b
SHA512

11cbad3e94cb8f878ec55df1caeb53e2c385272b6b997cf8f95501373d48fc48f0d02d3f454c851770bb6fc5e150ed8a9f28d3b3862824b8cd81c029742752af

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

RFQ#0472022.exe

Resource

win7-20220715-en

warzonerat infostealer rat

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

RFQ#0472022.exe

Resource

win10v2004-20220721-en

warzonerat infostealer rat

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

196.196.210.3:62520

Targets

- Target
  
  RFQ#0472022.exe
- Size
  
  2.1MB
- MD5
  
  55fa55a71b21142169f5923de304c1b7
- SHA1
  
  783f6ee4f6a1e83fc1d1d53550c043952debd671
- SHA256
  
  cc9dd64a01b43b62102c0e1b82a0614c33e1dd375463c721f304945cdfb76f21
- SHA512
  
  bed1fa7909b3b14ed1f2d1459caf07655de2097ba096997cfecdf9e3d1ddfab836f6db24d2893223f7a8b3a92b5bcd711f510d9209e78e9756fbfdeb24000023
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy