Overview

overview

10

Static

static

10

4032-1090-...ry.exe

windows7-x64

1

4032-1090-...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4032-1090-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    1f8ffec698be09945c9f460bf6ce7d02

  • SHA1

    79e25bf8def88d56952bbd0260bd93146733c34e

  • SHA256

    ce93937fc7619639387645a8b6d585783e8f22b0c8ae29e1aec734a970e942fe

  • SHA512

    308d21423593c78394f35c54964b388c8adbefc866d6994a75f8916231092a61dfcda856a06845f97c7e548cacba6dc4e131c69ba640ad432ed10f86bc404400

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYigVl01T2ENipdDB0z5:4NLYdT97JSIwl0QENqu

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

62.102.148.158:62641

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4032-1090-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows x86


    Headers

    Sections