warzonerat | ff3f9f08d7956fb6699d0d58f7f02aef326a981a6433b3fa89bb550a90495602 | Triage

Submit
Reports

Overview

overview

Static

static

warzone ra...ew.exe

windows7-x64

warzone ra...ew.exe

windows10-2004-x64

Sharing

General

Target

warzone rawfile new.exe
Size

113KB
Sample

221205-td68zaea27
MD5

7aa7c2c90371cf809dac01092c13d63e
SHA1

5a41e80d24d965f039fca837ecdd6322ca673d4e
SHA256

ff3f9f08d7956fb6699d0d58f7f02aef326a981a6433b3fa89bb550a90495602
SHA512

dbb068e8d2ad9ec64845d43fe993c0f0978b93a3aae616392993e17ec48add26b3521a69003cefd8c71586cf35220b61f52f75cfa5835331d85ffea4018b185f
SSDEEP

1536:h0jP7/L1B5rVmN8sxHv2M28ix8EUaJxWZoB4u0OVE01:K1VmhaH8EFvW+0OVE0

Score

10^/10

warzonerat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

warzone rawfile new.exe

Resource

win7-20220812-en

warzonerat infostealer rat

windows7-x64

4 signatures

600 seconds

Behavioral task

behavioral2

Sample

warzone rawfile new.exe

Resource

win10v2004-20220812-en

warzonerat infostealer rat

windows10-2004-x64

4 signatures

600 seconds

Malware Config

Extracted

Family

warzonerat

C2

76.8.53.133:1198

Targets

- Target
  
  warzone rawfile new.exe
- Size
  
  113KB
- MD5
  
  7aa7c2c90371cf809dac01092c13d63e
- SHA1
  
  5a41e80d24d965f039fca837ecdd6322ca673d4e
- SHA256
  
  ff3f9f08d7956fb6699d0d58f7f02aef326a981a6433b3fa89bb550a90495602
- SHA512
  
  dbb068e8d2ad9ec64845d43fe993c0f0978b93a3aae616392993e17ec48add26b3521a69003cefd8c71586cf35220b61f52f75cfa5835331d85ffea4018b185f
- SSDEEP
  
  1536:h0jP7/L1B5rVmN8sxHv2M28ix8EUaJxWZoB4u0OVE01:K1VmhaH8EFvW+0OVE0
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy