Overview

overview

10

Static

static

10

2884-1225-...ry.exe

windows7-x64

1

2884-1225-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2884-1225-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    96ba5b909919730288ac4c38400a5ef1

  • SHA1

    78c4a5760d11401461c14ef413e9ff0e999abcae

  • SHA256

    12cccd08cdd625ed5d9c0c03d3e69e601b30d98097e0bfbb2899f45808d1c572

  • SHA512

    7b86dd5a358026b7c30778a8ce78f8c64cb663fae8160949180e7ffcd320a6e45bd20979ec62dfc623b516fbbee89f42d260806694f2544d33de0c0d1aadf099

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYrgVl01T2ENipdDN0z5:4NLYdT97JSIjl0QENq6

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

91.207.102.163:23795

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2884-1225-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections