warzonerat | ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4
Size

641KB
Sample

230216-jd44hage28
MD5

c3b4b45de5b76b45a71b91af7f4ce1da
SHA1

64090a6305f2622bfcd48a7840d06a17d300165f
SHA256

ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4
SHA512

582675e135be0869b291074d732fd915438da896a5677191a2d6b94bfd295e06e09cb97f23b52dd84f61501c9d55c7141fe3c1807877892d849f9c80e7ad22ea
SSDEEP

12288:LOecesDuZeFbMOKp9oa9kNgCgA47xNcNvjm3GsyAzKy61vusDu7wjx:rcesDkeF4hp9hjA4HcNvjdsyAv61vucb

Score

10^/10

warzonerat infostealer rat

Static task

static1

Behavioral task

behavioral1

Sample

ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4.exe

Resource

win10v2004-20221111-en

warzonerat infostealer rat

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4
- Size
  
  641KB
- MD5
  
  c3b4b45de5b76b45a71b91af7f4ce1da
- SHA1
  
  64090a6305f2622bfcd48a7840d06a17d300165f
- SHA256
  
  ef24b680939e8c9dcb26924e4574807a096fe05d3973193b688d3e859637efe4
- SHA512
  
  582675e135be0869b291074d732fd915438da896a5677191a2d6b94bfd295e06e09cb97f23b52dd84f61501c9d55c7141fe3c1807877892d849f9c80e7ad22ea
- SSDEEP
  
  12288:LOecesDuZeFbMOKp9oa9kNgCgA47xNcNvjm3GsyAzKy61vusDu7wjx:rcesDkeF4hp9hjA4HcNvjdsyAv61vucb
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

© 2018-2025

Terms | Privacy