General

  • Target

    fd1a4389ae602d038236500becb9e716_JaffaCakes118

  • Size

    13.0MB

  • MD5

    fd1a4389ae602d038236500becb9e716

  • SHA1

    07391dfac902cf86854020fc1a869ba40c0a83ed

  • SHA256

    e0b18b43ed99a197b72b79de7d522eea4eec6cd356d7b185661b171e3cbb4c40

  • SHA512

    6e34b60c7aac1ec6b7dbdf810dc0f93a51cd2a0e9d6a337fe7db5066c42ee050d141fe1af05a289f507fff3e01a982ad69197bfbff739e8253f23a3326ed6822

  • SSDEEP

    196608:yU7d9xZSt4U7d9xZStSU7d9xZSt4U7d9xZStD:D7d9xZo7d9xZS7d9xZo7d9xZA

Score
10/10

Signatures

  • Warzone RAT payload 1 IoCs
  • Warzonerat family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fd1a4389ae602d038236500becb9e716_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

