Overview

overview

10

Static

static

10

1304-1154-...ry.exe

windows7-x64

1

1304-1154-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1304-1154-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    3942024f007774d48335bfd0e1e9efaa

  • SHA1

    0fb25dc62c2d24b33c60e336f4e0111c01057de6

  • SHA256

    40710a372581523e9cd542bcea5c43465b889c3818202a4dea9366291d5c746b

  • SHA512

    0eb39ed51c7bc800483c6960186908fd1cc1389a6085ab3af948c8d94dd73514ff5b94c0ee238bd985b4eb90b81bde094bb43f80b5e8e2cf23baad103e6b8d8c

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYigVl01T2ENipdDA0z5:4NLYdT97JSIwl0QENqZ

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

62.102.148.158:62641

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1304-1154-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections