Overview

overview

10

Static

static

10

1116-54-0x...ry.dll

windows7-x64

1

1116-54-0x...ry.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    1116-54-0x00000000008B0000-0x0000000000A0D000-memory.dmp

  • Size

    1.4MB

  • MD5

    58916128d6648ccbf3b73668b79b0536

  • SHA1

    cec476cc17fa36375041041c9d71098bc888a04a

  • SHA256

    3f6f1eebdfbf3a611d0be85827958ff7262ba9235f501911f792d93ba180c8a6

  • SHA512

    76c056627edeadbe799123b65cdeb2cd1df791de39a7d2211751f1d0fb2cf05a4a2aad315e762a95795b463f6486854bd50ef0ccabe3f8b957a8c9a9630235e9

  • SSDEEP

    3072:a8L7ZpQOtm08sfHPPQ5PBDwr2cFHPsbYzHRG0HIw:a8wqmiHPPQ5PCLPsbYzxG0ow

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

helpme20.duckdns.org:5200

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1116-54-0x00000000008B0000-0x0000000000A0D000-memory.dmp
    .dll windows x86


    Headers

    Sections