General
-
Target
fc54819ee2c8a0c18cc913036c027baa_JaffaCakes118
-
Size
541KB
-
Sample
240420-j8l66sda71
-
MD5
fc54819ee2c8a0c18cc913036c027baa
-
SHA1
092a1d2d354a3a95644ed34ec72d39f9f271ad4e
-
SHA256
9958131d419bbaf7b385485777f83c03f2757f2aa263fbb1280b1e64f961a164
-
SHA512
8e6ed119461c9e21d85a9f51f9d2cab51308c56dc71823adc6381f6563dba1ecbbae89af4d3c981982bd35461fa7319d5990aa4ed470c8f1de7ce7002ba92608
-
SSDEEP
12288:JIPHb0IoX/9fSp3TRCQeQEkNWkXgQSEwBl:JW0IovUDQ9QEkN1XgPEwBl
Static task
static1
Behavioral task
behavioral1
Sample
fc54819ee2c8a0c18cc913036c027baa_JaffaCakes118.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
fc54819ee2c8a0c18cc913036c027baa_JaffaCakes118
-
Size
541KB
-
MD5
fc54819ee2c8a0c18cc913036c027baa
-
SHA1
092a1d2d354a3a95644ed34ec72d39f9f271ad4e
-
SHA256
9958131d419bbaf7b385485777f83c03f2757f2aa263fbb1280b1e64f961a164
-
SHA512
8e6ed119461c9e21d85a9f51f9d2cab51308c56dc71823adc6381f6563dba1ecbbae89af4d3c981982bd35461fa7319d5990aa4ed470c8f1de7ce7002ba92608
-
SSDEEP
12288:JIPHb0IoX/9fSp3TRCQeQEkNWkXgQSEwBl:JW0IovUDQ9QEkN1XgPEwBl
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-