warzonerat | d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e | Triage

Submit
Reports

Overview

overview

Static

static

d24dd6cd68...7e.exe

windows7-x64

d24dd6cd68...7e.exe

windows10-2004-x64

Sharing

General

Target

d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e
Size

273KB
Sample

221122-kgjgmsah6y
MD5

8f89c4cd81384874cea3378488944245
SHA1

90c98a9054c4bcb4efda2909471c131e9e00e677
SHA256

d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e
SHA512

6749590466ea7f2e3c8441ac5eb1d8ef8f87b066cf6eb904fd8140f111d9e817e6fbe275c74f2280cb311ac97a1288e62d6192abca5a4968a649a316d27557c3
SSDEEP

6144:5C1jvMtY4JotTOrgs0GVzu6oz4HdCVdKrL42oJ8L:5C1j8Y4JGOkAlLozedCi/p

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e.exe

Resource

win7-20220812-en

warzonerat infostealer rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e.exe

Resource

win10v2004-20221111-en

warzonerat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

chinagov.duckdns.org:5202

Targets

- Target
  
  d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e
- Size
  
  273KB
- MD5
  
  8f89c4cd81384874cea3378488944245
- SHA1
  
  90c98a9054c4bcb4efda2909471c131e9e00e677
- SHA256
  
  d24dd6cd68f406d083ebc0690537254dcaabfd26ef4987dd6c2cc99c29be277e
- SHA512
  
  6749590466ea7f2e3c8441ac5eb1d8ef8f87b066cf6eb904fd8140f111d9e817e6fbe275c74f2280cb311ac97a1288e62d6192abca5a4968a649a316d27557c3
- SSDEEP
  
  6144:5C1jvMtY4JotTOrgs0GVzu6oz4HdCVdKrL42oJ8L:5C1j8Y4JGOkAlLozedCi/p
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy