Overview

overview

10

Static

static

10

decoded-2.exe

windows7-x64

10

decoded-2.exe

windows10-1703-x64

10

Analysis

  • max time kernel
    297s
  • max time network
    301s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    29-11-2022 17:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    decoded-2.exe

  • Size

    189KB

  • MD5

    9b04d1482c7baa98d89e2d30d17172b5

  • SHA1

    71679524e9e32b5ff5ad6a8d0476aad284a846f1

  • SHA256

    925206ecf4ece942fa0ee18d8f6100cf4d90790cdf60946f342ad56d9db3848d

  • SHA512

    263a9ccd51e4f273c37b0c982d4fc1a652c0e3f9ad8f13709d4d049601b30451fcfc77bf91afd26e7d8eb6edf581ac0c19afdef6bc85ebf7187ef145b56d1495

  • SSDEEP

    3072:WzPtbXqn6aR97tie5Niae2vl23G3Fzyffz8LTDhY:Wz1bXq6aR97ViJ2vlz9yffz8LTi

Score
10/10
warzoneratinfostealerrat

Malware Config

Signatures

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

Processes

  • C:\Users\Admin\AppData\Local\Temp\decoded-2.exe
    "C:\Users\Admin\AppData\Local\Temp\decoded-2.exe"
    1⤵
      PID:1784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1784-120-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-121-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-122-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-123-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-124-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-125-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-126-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-127-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-128-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-130-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-129-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-131-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-132-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-133-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-134-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-135-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-136-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-137-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-138-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-139-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-140-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-141-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-142-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-143-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-144-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-145-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-146-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-147-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-148-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-149-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-150-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-151-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-152-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-154-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-153-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-155-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-156-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-157-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-158-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-159-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-160-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-161-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-162-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-163-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-164-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-165-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-166-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-167-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-168-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-169-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-170-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-171-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-172-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-173-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-174-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-175-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-176-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-177-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-178-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-179-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-180-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-181-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-182-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download
    • memory/1784-183-0x0000000076F50000-0x00000000770DE000-memory.dmp
      Filesize

      1.6MB

      Download