warzonerat | 918f09129def9a8720ce512b77e77161e01d76849f0c9b21ee127be1e6202ec4 | Triage

Submit
Reports

Overview

overview

Static

static

3

dbac27d5cd...bb.exe

windows7-x64

dbac27d5cd...bb.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

dbac27d5cd59776c37c8647980259fbb.exe
Size

261KB
Sample

230613-lnp4faff58
MD5

dbac27d5cd59776c37c8647980259fbb
SHA1

81684544284fc77f2297f39fdfb004f835c7f55e
SHA256

918f09129def9a8720ce512b77e77161e01d76849f0c9b21ee127be1e6202ec4
SHA512

ff3080b47732d9c21b914d1d397d61b741847130319e49d85f258527dbfa0eb0e68801b6c125e32a2104c1227c149dc0aa0b35140ec975783636731631865010
SSDEEP

6144:/FE3i2rmViqjnp41UPLaxuZ2/V3UeyxORlFWGnP6MxT:/FiipqGasMkdylvnd

Score

10^/10

warzonerat infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

dbac27d5cd59776c37c8647980259fbb.exe

Resource

win7-20230220-en

warzonerat infostealer rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

dbac27d5cd59776c37c8647980259fbb.exe

Resource

win10v2004-20230220-en

warzonerat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

testing1212.ddns.net:5201

Targets

- Target
  
  dbac27d5cd59776c37c8647980259fbb.exe
- Size
  
  261KB
- MD5
  
  dbac27d5cd59776c37c8647980259fbb
- SHA1
  
  81684544284fc77f2297f39fdfb004f835c7f55e
- SHA256
  
  918f09129def9a8720ce512b77e77161e01d76849f0c9b21ee127be1e6202ec4
- SHA512
  
  ff3080b47732d9c21b914d1d397d61b741847130319e49d85f258527dbfa0eb0e68801b6c125e32a2104c1227c149dc0aa0b35140ec975783636731631865010
- SSDEEP
  
  6144:/FE3i2rmViqjnp41UPLaxuZ2/V3UeyxORlFWGnP6MxT:/FiipqGasMkdylvnd
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2025

Terms | Privacy