General
-
Target
3908-191-0x0000000010670000-0x00000000107C6000-memory.dmp
-
Size
1.3MB
-
Sample
230324-r4hxysfb42
-
MD5
3d857e225181568ecdb20e8acb4997fe
-
SHA1
67f2a71e432f114c42cb46a527dae517c7c4cf54
-
SHA256
53d99d636afb216b3eecd6e9b0d81191b2897510cdaecde6f5d3fbd580aadb01
-
SHA512
5bfac0b7edb8202bc8f7878aae4ed503045fbfe1a1ce07dcceec4a0286c0dc6b68f5b2aa7c7b141d904a0fe17b78c5841bfb20a338899a4a497c29f463ca89a3
-
SSDEEP
1536:HT0jP7/L1B5rVmN8sxHv2M28ix8EUaJxWZoB4u0OVE01:g1VmhaH8EFvW+0OVE0
Behavioral task
behavioral1
Sample
3908-191-0x0000000010670000-0x00000000107C6000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3908-191-0x0000000010670000-0x00000000107C6000-memory.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
3908-191-0x0000000010670000-0x00000000107C6000-memory.dmp
-
Score
10/10
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins, sold as malware-as-a-service (MaaS).
-
Warzone RAT payload
-