General

  • Target

    1108-78-0x0000000000400000-0x000000000041D000-memory.dmp

  • Size

    116KB

  • MD5

    0f5649fa83d28d66574cec3c33b44c23

  • SHA1

    c61ef89548ad9c26a6891fe297212679a4b6c732

  • SHA256

    30e2ef3452ac268be9e45583f4050fe18fcd5f8f8b02521ce2e9a556f99c1335

  • SHA512

    b89407dd6ac16ef9646edfd9af266f02a09095270563933aa2b9c0604f884194c012b7474a44eefb2d69504e0a38ba316b6e54c12da89d89a60c0cfbeaf02c38

  • SSDEEP

    1536:5Csejmb+6BQyusX1UjtA0uWRf/eloc/9T1jVEypa:AtD6jSm0uWRfCogTjVEG

Score
10/10

Malware Config

Extracted

Family

warzonerat

C2

blackroots7.duckdns.org:1104

Signatures

  • Warzone RAT payload (1 IoC)
  • Warzonerat family

Files

  • 1108-78-0x0000000000400000-0x000000000041D000-memory.dmp
    .exe windows x86

