warzonerat | 7092b115b53bf71085e81d38ce313077f8f508f930295cfa73fa8d93a5bd1868 | Triage

Submit
Reports

Overview

overview

Static

static

License.exe

windows10-2004-x64

Resubmissions

07/07/2023, 15:10

230707-skgffsah5z 10

Sharing

Copy URL Twitter E-mail

General

Target

License.exe
Size

132KB
Sample

230707-skgffsah5z
MD5

3fe2c67520f94b0c9d1221d7421b334a
SHA1

28b16d233707cbf268f438327b77a3f57bf5ad88
SHA256

7092b115b53bf71085e81d38ce313077f8f508f930295cfa73fa8d93a5bd1868
SHA512

a15fab2d996266c9a3d85ee85ea9eb107aeef525e3df422471637c68805454cfdd2188d59965e77e9c5079a57f3ce260f94cdb6f75cf56b247f62a8fc482a75f
SSDEEP

3072:K7W9jps0Tx4azG6GweOTir5axbjNCz45LT7a:KwpsERzGKurEXCzeLT7a

Score

10^/10

warzonerat infostealer persistence rat

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

License.exe

Resource

win10v2004-20230703-en

warzonerat infostealer persistence rat

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

Sanael-62946.portmap.host:62946

Targets

- Target
  
  License.exe
- Size
  
  132KB
- MD5
  
  3fe2c67520f94b0c9d1221d7421b334a
- SHA1
  
  28b16d233707cbf268f438327b77a3f57bf5ad88
- SHA256
  
  7092b115b53bf71085e81d38ce313077f8f508f930295cfa73fa8d93a5bd1868
- SHA512
  
  a15fab2d996266c9a3d85ee85ea9eb107aeef525e3df422471637c68805454cfdd2188d59965e77e9c5079a57f3ce260f94cdb6f75cf56b247f62a8fc482a75f
- SSDEEP
  
  3072:K7W9jps0Tx4azG6GweOTir5axbjNCz45LT7a:KwpsERzGKurEXCzeLT7a
Score

10^/10

warzonerat infostealer persistence rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratinfostealerpersistencerat

© 2018-2025

Terms | Privacy