Overview

overview

10

Static

static

10

1698855365...ed.exe

windows7-x64

10

1698855365...ed.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1698855365a738fe5bf028798f4c898a5c26a6beaec785f238cb730d8b1e4cc1f70c0e5974436.dat-decoded.exe

  • Size

    141KB

  • Sample

    231101-trclhsca68

  • MD5

    d2372b8e015b480c9b2ec161ef7a6100

  • SHA1

    2922cacbefcc88e27cc068a91dd08c159dcacdef

  • SHA256

    e5eb5942b64543e52c9ccded87c111d81488cfca455f4d810c167f337b9cdc06

  • SHA512

    f3c16693770c1a0f2e0c7d8b47d1d0c825077c06b7572cf2b7dda5dfee46700ee91db0525826d7ac39de4fa9f842282c7a9e5ce988c28169f7894fb575bc0886

  • SSDEEP

    3072:RARHROub6IiZktM+t4B6IZeAzaZyJ6QYzHHxgGT0Iwn:RkxbQktMo4BRiyjYz6GTrwn

Score
10/10
warzoneratinfostealerrat

Malware Config

Extracted

Family

warzonerat

C2

plazzasecretballeronline.onedumb.com:14977

Targets

    • Target

      1698855365a738fe5bf028798f4c898a5c26a6beaec785f238cb730d8b1e4cc1f70c0e5974436.dat-decoded.exe

    • Size

      141KB

    • MD5

      d2372b8e015b480c9b2ec161ef7a6100

    • SHA1

      2922cacbefcc88e27cc068a91dd08c159dcacdef

    • SHA256

      e5eb5942b64543e52c9ccded87c111d81488cfca455f4d810c167f337b9cdc06

    • SHA512

      f3c16693770c1a0f2e0c7d8b47d1d0c825077c06b7572cf2b7dda5dfee46700ee91db0525826d7ac39de4fa9f842282c7a9e5ce988c28169f7894fb575bc0886

    • SSDEEP

      3072:RARHROub6IiZktM+t4B6IZeAzaZyJ6QYzHHxgGT0Iwn:RkxbQktMo4BRiyjYz6GTrwn

    Score
    10/10
    warzoneratinfostealerrat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks