Overview

overview

10

Static

static

10

4736-1223-...ry.exe

windows7-x64

1

4736-1223-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4736-1223-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    4c1b3f8dadaf66e3074b26c5a70c1464

  • SHA1

    fbcb486ccea33a7f48a6cc9f333a514b601fb3bb

  • SHA256

    b0b4c533be0d527868c8d5cd9bc7092170bb523b9548f1dac25946ffc5c4b454

  • SHA512

    da65cef82df24a2466fa9cd65cc88650650077608db74819649b991f483539f55c43ff92a92fde8764d2b726ae93e85a2f1c4f6e8a476b31952456836ac360eb

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYJLMgVl01T2ENipdDU0z5:4NLYdT97JSIqvl0QENqR

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

62.102.148.185:64544

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4736-1223-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections