General
Target: 5d86a72e84fb09b9a475b4874b3dc7c5.exe
Size: 823KB
Sample: 230223-lz275sfd97
MD5: 5d86a72e84fb09b9a475b4874b3dc7c5
SHA1: 4350c102b9fc78aa327590d66e1e0790d2719ada
SHA256: 3952f433586344471f8ab039c2b682b090a38d880d5f2335483d07347068b0a8
SHA512: cbd930efd7f7b8cf094387f4883ee3dbe0c92980eb96606b9fd62f8b08315518149d5927c6f997dd20d0760e8330045c1134f4ea09ed577e657de7c0d82249f4
SSDEEP: 24576:5wss9uk39IZqFIeYg7w8wtPX+A34yCtcu:Zs9PIZ2Ies8wEA
Static task: static1
Behavioral task: behavioral1
Sample: 5d86a72e84fb09b9a475b4874b3dc7c5.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 5d86a72e84fb09b9a475b4874b3dc7c5.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
warzonerat
195.133.40.92:5200
Targets
Target: 5d86a72e84fb09b9a475b4874b3dc7c5.exe
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Suspicious use of SetThreadContext