Resubmissions

29-11-2022 08:35

221129-kg6l6sfe9v 10

29-11-2022 08:16

221129-j56fmsbe58 10

General

  • Target

    new.exe

  • Size

    2.3MB

  • Sample

    221129-kg6l6sfe9v

  • MD5

    574e031a4747d5e6315b894f983d3001

  • SHA1

    30222efc71057a20e085b757c7eadb75ee50b155

  • SHA256

    842fc15b363a849a21ce37a22bd237371576a0a92adc3718adce933dfbb16f83

  • SHA512

    7a204e8f508e5e0d0f798f996d53e301d8bc330b86f26dab55ed22495c4ed09c0bc149c2e7857cc1fa68f0e118092b8c9f1ab8d321540c8277fcfd52b76226a1

  • SSDEEP

    12288:2YSJAsjzCjawSIIgH8n7XAW76XcpjvV653IDqYheWiYWZaQKjYD:6JAsjvI

Targets

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    • Warzone RAT payload

    • Drops startup file
