Extracted

• • Target

    b5c4c017f78ff620f7f31a53fe9f9385.exe

  • Size

    98KB

  • MD5

    b5c4c017f78ff620f7f31a53fe9f9385

  • SHA1

    ca06ed0c0b098a6ca94e2138f7d77d2e8892a56c

  • SHA256

    7c8039bd6af548905aa6cd05ebbce5cbec634a48291d938bb3dff60a8b881776

  • SHA512

    ec2cadbaaf25cd63a3bb996a5f70063a6ca2d7663d053bc6859e2ccf8471e37e62262259b5aaa062a69d55e8fe6f1f80a7674df11b5ae1212144d25cfef635d4

  • SSDEEP

    1536:5Csejmb+6BQyusX1UjtA0uWRf/eloc/9T1jVEyp:AtD6jSm0uWRfCogTjVEG

  Score

  10^/10

  warzoneratinfostealerpersistencerat

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

  • Warzone RAT payload

    rat

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2