Overview

overview

10

Static

static

10

2628-41-0x...ry.exe

windows7-x64

1

2628-41-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2628-41-0x0000000000400000-0x000000000055E000-memory.dmp

  • Size

    1.4MB

  • MD5

    d977c2cfa96ffad07bb1985ce4f858d5

  • SHA1

    1292b0fb2e9e756de26539b4fa22d30f3551348b

  • SHA256

    795ddb43bb55a78e676785c20ea8150cd25cb62ae6795882a573132b91606d50

  • SHA512

    1e3fa6a80e40285416fcbddb641bc90239891e9c940b0be51d4e87a9034b339d3fdb387c0531f2786d57c3fed47fe95a6f197fa89ec3f105568a15c471bbf18c

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIY9gVl01T2ENipdDg0z5:4NLYdT97JSIFl0QENqF

Score
10/10
ratwarzonerat

Malware Config

Extracted

Family

warzonerat

C2

91.207.102.163:26167

Signatures

  • Warzone RAT payload 1 IoCs
    rat
  • Warzonerat family
    warzonerat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2628-41-0x0000000000400000-0x000000000055E000-memory.dmp
    .exe windows:5 windows x86


    Headers

    Sections