warzonerat | cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea
Size

1.4MB
Sample

221110-dj1elsecd5
MD5

deeef66da2997856488b2f7b11221f9c
SHA1

387df1673d7c4559df614071d9db1daa03654596
SHA256

cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea
SHA512

09305324ce441f4119d94de2416e8c1074bf673718fc1e83c70e73ffbd93f183244e065006095695886d95e628c750b48891d0ab33a2a7fced5350770cf2666f
SSDEEP

24576:s6lBqQ8scMDQZL8S2MPRqtPBOiQJinVk:XqKcMDQZp2MPR7iVk

Score

10^/10

warzonerat infostealer persistence rat

Static task

static1

Behavioral task

behavioral1

Sample

cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea.exe

Resource

win10v2004-20220812-en

warzonerat infostealer persistence rat

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

192.3.111.154:5200

Targets

- Target
  
  cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea
- Size
  
  1.4MB
- MD5
  
  deeef66da2997856488b2f7b11221f9c
- SHA1
  
  387df1673d7c4559df614071d9db1daa03654596
- SHA256
  
  cbbe0377e556f1e8d43b85b6e415656d24aafa4f7363c2573fa1d54826903aea
- SHA512
  
  09305324ce441f4119d94de2416e8c1074bf673718fc1e83c70e73ffbd93f183244e065006095695886d95e628c750b48891d0ab33a2a7fced5350770cf2666f
- SSDEEP
  
  24576:s6lBqQ8scMDQZL8S2MPRqtPBOiQJinVk:XqKcMDQZp2MPR7iVk
Score

10^/10

warzonerat infostealer persistence rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Executes dropped EXE
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerpersistencerat

© 2018-2024

Terms | Privacy