Overview

overview

10

Static

static

10

11e71bf9d7...JC.exe

windows7-x64

10

11e71bf9d7...JC.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10-10-2023 17:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    11e71bf9d7e319b9d2dd256e568192d866e75e78062404110d8f55e1bbfcbec2_JC.exe

  • Size

    132KB

  • MD5

    4e580606cc9eb47f724a37fa602a38d8

  • SHA1

    257e647fdb76e23fcff141786724375571497945

  • SHA256

    11e71bf9d7e319b9d2dd256e568192d866e75e78062404110d8f55e1bbfcbec2

  • SHA512

    f8cfa209afaac6a7a141cccfad9e34be45155e27c9fe7b3a86e1f1a83e0b7f3587e670b3a6016ec366d5c3bbfd3af428c9532e9193c29750bf6f0ca20efcb341

  • SSDEEP

    3072:K7W9jps0Tx4azG6GweOTir5axbjNCz45LT7a:KwpsERzGKurEXCzeLT7a

Score
10/10
warzoneratinfostealerrat

Malware Config

Signatures

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

Processes

  • C:\Users\Admin\AppData\Local\Temp\11e71bf9d7e319b9d2dd256e568192d866e75e78062404110d8f55e1bbfcbec2_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\11e71bf9d7e319b9d2dd256e568192d866e75e78062404110d8f55e1bbfcbec2_JC.exe"
    1⤵
      PID:2448

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads