warzonerat | 08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

Sharing

General

Target

08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
Size

1020KB
Sample

221202-adpjdahc9s
MD5

f8ba9d5452a2fa864ab9859198adc3c3
SHA1

8b1ea66c5df1db1f41b65e228de61f2490474e8a
SHA256

08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
SHA512

2ba11710c6eca4c68168b36c9de0e7ba3e943b3fd022a378019493b1488da753cb950bd8f4abfa23c3a7d82d1b1ad3df4efc50270174ad45c94afc3e09be77a1
SSDEEP

24576:Q12dBx8r0ewCE1fjxWRnTMboTiwAAgEEY4:/dBx8r0vZ5lWRoboTQp

Score

10^/10

warzonerat infostealer persistence rat

Static task

static1

Behavioral task

behavioral1

Sample

08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0.exe

Resource

win10-20220901-en

warzonerat infostealer persistence rat

windows10-1703-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
- Size
  
  1020KB
- MD5
  
  f8ba9d5452a2fa864ab9859198adc3c3
- SHA1
  
  8b1ea66c5df1db1f41b65e228de61f2490474e8a
- SHA256
  
  08b3142a71983995fa6b5f9f4d8bb3c3be1506f9ca1f0e569e1d0e20ec2bf2f0
- SHA512
  
  2ba11710c6eca4c68168b36c9de0e7ba3e943b3fd022a378019493b1488da753cb950bd8f4abfa23c3a7d82d1b1ad3df4efc50270174ad45c94afc3e09be77a1
- SSDEEP
  
  24576:Q12dBx8r0ewCE1fjxWRnTMboTiwAAgEEY4:/dBx8r0vZ5lWRoboTQp
Score

10^/10

warzonerat infostealer persistence rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

warzoneratinfostealerpersistencerat

© 2018-2024

Terms | Privacy