Overview

overview

10

Static

static

10

2960-2852-...ry.exe

windows7-x64

1

2960-2852-...ry.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    2960-2852-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    c217b5e854765a6a93732423eb3d0026

  • SHA1

    6a6f156905dfa6dd637fda18d0b4d6ebb9837e97

  • SHA256

    63435e52f6bcc14a7cfae83bc24308d4317f0f4521d9d53b495a3124eb1075a0

  • SHA512

    dde464b1ab19294538d081ed29588c75e878a5c221ab2f6a83d9667439d0c6f7a2e4a4ebf4d087afafc92907ab23c5fe13c01e19ff881a5e6a2ec22b63f6f4fb

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYvgVl01T2ENipdDg0z5:4NLYdT97JSIbl0QENqB

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

45.162.228.171:26112

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2960-2852-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections