Overview

overview

10

Static

static

1

66e29e6155...4f.exe

windows7-x64

1

66e29e6155...4f.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1adb0b5e9d6292dcf815b21029e28cab.bin

  • Size

    928KB

  • Sample

    230422-bghqnsbd63

  • MD5

    0dc2e661de416c41cd461a5b5e262ad7

  • SHA1

    524c01909af3af4bdebc6f33a2978c5a556e5421

  • SHA256

    bbeaf6626d310c10824381aecf2704858d095eb2df2458ac55c24b0e257b97b8

  • SHA512

    570ec95d62b463756f9f3c8638a9030c543a9d840bcc15cba72942c4c8a6f423a11918c7b1fcd5a7f1009c61b043d890b656f4322f8779b9386a7132bd138383

  • SSDEEP

    24576:jTurUwTU3cg8zL9FQKZGaLMY4+dj0DCQPHc:ObU3cXPDPLM5+z28

Score
10/10
warzoneratinfostealerrat

Malware Config

Extracted

Family

warzonerat

C2

72.18.215.2:6473

Targets

    • Target

      66e29e6155b040672ab7a4951754f5fe310a70e05292e7a391ccfa7c95c0df4f.exe

    • Size

      1.2MB

    • MD5

      1adb0b5e9d6292dcf815b21029e28cab

    • SHA1

      b0643eab3a3a096a8637fabf2c3ea5768aa2a585

    • SHA256

      66e29e6155b040672ab7a4951754f5fe310a70e05292e7a391ccfa7c95c0df4f

    • SHA512

      218f38d7256db77d68a06d5aa5d81d3642def8c826a2af2f5bd47fb8096dbe574e5b5e9282c21c05a41fe8e5346952be0def4d908810323cd930602c91db01c3

    • SSDEEP

      24576:AwYjsBX8MwFlc43dul6vGIcUFqxtUQYv/xWC8/Cp08D5r:AhjsCMwYmVvGIcQqx2PJW3/I5r

    Score
    10/10
    warzoneratinfostealerrat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat

    • Warzone RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks