General
-
Target
08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
-
Size
1020KB
-
Sample
221202-adpjdahc9s
-
MD5
f8ba9d5452a2fa864ab9859198adc3c3
-
SHA1
8b1ea66c5df1db1f41b65e228de61f2490474e8a
-
SHA256
08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
-
SHA512
2ba11710c6eca4c68168b36c9de0e7ba3e943b3fd022a378019493b1488da753cb950bd8f4abfa23c3a7d82d1b1ad3df4efc50270174ad45c94afc3e09be77a1
-
SSDEEP
24576:Q12dBx8r0ewCE1fjxWRnTMboTiwAAgEEY4:/dBx8r0vZ5lWRoboTQp
Static task
static1
Behavioral task
behavioral1
Sample
08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0.exe
Resource
win10-20220901-en
Malware Config
Targets
-
-
Target
08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
-
Score
10/10
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins, sold as malware-as-a-service (MaaS).
-
Warzone RAT payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-