Overview

overview

10

Static

static

10

24f4400ffc...77.exe

windows7-x64

10

24f4400ffc...77.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    137s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29-11-2022 17:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    24f4400ffce0d3db9be4e7b38f84d89b3f5d62f8b3abe47ec020118907219177.exe

  • Size

    1.4MB

  • MD5

    8ea3fa69b703f8b3160a8e09408d2c39

  • SHA1

    bd4f64af619f5dd026194fe03e66674da2ec2741

  • SHA256

    24f4400ffce0d3db9be4e7b38f84d89b3f5d62f8b3abe47ec020118907219177

  • SHA512

    a9c28e9f6827409ecaa85c65e8d832a5731c6aa95ae73f74a9e3b89bb351ae1d64b7d50b770e0af155e48fabcac4e44c2903237cce75ef59d58bae57159d9c00

  • SSDEEP

    3072:OgarpcGjun4oWwVVt+mdJa+SK/Lr313mtfzCLTXQY:On9Hju4oRVVJa5K/LrhmtfzCLTL

Score
10/10
warzoneratinfostealerrat

Malware Config

Signatures

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

Processes

  • C:\Users\Admin\AppData\Local\Temp\24f4400ffce0d3db9be4e7b38f84d89b3f5d62f8b3abe47ec020118907219177.exe
    "C:\Users\Admin\AppData\Local\Temp\24f4400ffce0d3db9be4e7b38f84d89b3f5d62f8b3abe47ec020118907219177.exe"
    1⤵
      PID:1160

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1160-54-0x0000000075A91000-0x0000000075A93000-memory.dmp
      Filesize

      8KB

      Download