Overview

overview

10

Static

static

10

2736-1394-...ry.exe

windows7-x64

1

2736-1394-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2736-1394-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    8ab3c8086fe23774ff31227320b7e796

  • SHA1

    e3c648709bce8e4e093b50c8ce9b887a224e8cbd

  • SHA256

    fa878b4ed17564725768d7c821fd4535f797b9b728fd362afd56a3ca018ae0c6

  • SHA512

    51d15f1d6435411316ee4eab962e7c6b12fcc2dba6efbf961b42e18198f243e203cb9728a606ac2d7049d20440f7d143cad2c3f82d85659cea57ba9072064153

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYJ+gVl01T2ENipdD80z5:4NLYdT97JSIWhl0QENqB

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

91.207.102.163:3823

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2736-1394-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections