General
-
Target
https://samples.vx-underground.org/samples/Blocks/Virusshare%20Collection/Virusshare.00395.7z
-
Sample
230415-phf55aff2t
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://samples.vx-underground.org/samples/Blocks/Virusshare%20Collection/Virusshare.00395.7z
Resource
win10v2004-20230220-en
windows10-2004-x64
21 signatures
1800 seconds
Malware Config
Targets
Detect Blackmoon payload
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
XMRig Miner payload
-
Patched UPX-packed file
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
Drops Chrome extension
-