Overview

overview

10

Static

static

3

61a8d66780...73.exe

windows7-x64

10

61a8d66780...73.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1b79a09db2caae0fa2b7e07dd43075ce7f7c8ea64bbd5595653c7ee3741d1678

  • Size

    149KB

  • Sample

    240417-q5m3maae23

  • MD5

    b8b95ab14b728d6abe61f1a7cf6d5af5

  • SHA1

    4e9ba2f67dce41717e1562b9b96d9c73a6387af2

  • SHA256

    1b79a09db2caae0fa2b7e07dd43075ce7f7c8ea64bbd5595653c7ee3741d1678

  • SHA512

    26b8db2256b1da60286c12afb3b6a687c205fcd884c96c4d3b20b36bf9af1547d1703ce4fa055b281243f091a7a6eb03db418bd562fc85d9cb94f79e59a12ddc

  • SSDEEP

    3072:wW9sFlj4+BCXZLIWwsixV80tH65G/0UtusH1yBl:wWyXk+sXZLIRaWSG/vdH12l

Score
10/10
warzoneratinfostealerrat

Malware Config

Extracted

Family

warzonerat

C2

216.250.253.35:2356

Targets

    • Target

      61a8d6678098ddfa8d1b418cc5d851823d6b09bd5bb4fcf68f0f0797abe61873.exe

    • Size

      250KB

    • MD5

      96233ef9e1e0dcef45c0747c261fa92d

    • SHA1

      3e36a3ac608fceed37cc6e90cae70c5b2f3c9714

    • SHA256

      61a8d6678098ddfa8d1b418cc5d851823d6b09bd5bb4fcf68f0f0797abe61873

    • SHA512

      06750e79be3c7e82f951a8575edbee3349c8787f9de5e4243e3f9b62c39c9d2d4818adca607d86a999693d995e13821f263c1e063a2a28f4e309cce4e314a56c

    • SSDEEP

      6144:jNc88VTZVxiL2CzS3vlm8LkuJKjWZSLV64:y88Vt7iLVWvU8LdmV

    Score
    10/10
    warzoneratinfostealerrat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat

    • Warzone RAT payload

      rat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks