Overview

overview

10

Static

static

10

2264-1156-...ry.exe

windows7-x64

1

2264-1156-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2264-1156-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    fc65954bf3842b688cbcfa38dac749fd

  • SHA1

    3cbc87d9ca374897a032be54140bbeb3dcdcb027

  • SHA256

    d5bbeaec92ae90173721ff3fe9ac3c54f43aacca1a816a9bd744f7073c760297

  • SHA512

    c4087942802b4825a60ca386a458d6e7908eb40741e0ba8f36f8d14982b7f677a32eceb6a88595336d23cf963b0313a46391ad8aade9340c0ee8953a45f4e3cf

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYlgVl01T2ENipdDq0z5:4NLYdT97JSIZl0QENq/

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

91.207.102.163:23795

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2264-1156-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections