Extracted

• • Target

    1c00def0f21c75c24e302066f16d0cb1_JaffaCakes118

  • Size

    963KB

  • MD5

    1c00def0f21c75c24e302066f16d0cb1

  • SHA1

    c9145a18e83e4f333068c018c541b5aac97c2aec

  • SHA256

    fa27c476f090f3f6b912858caf7529dd54d3a05da6a9f0a760056b56b7170850

  • SHA512

    1ecc07454e762788129bb62fdc16469f5d8746a9b2311ca8288b58272a28dc2e3b7a12e5c9c34cd9bc1c4a9ec9a28c4e8b90be0c3af6fdbf81b215157a8e0084

  • SSDEEP

    24576:VAHnh+eWsN3skA4RV1Hom2KXMmHa/VcsNH83L5:Eh+ZkldoPK8Ya/V29

  Score

  10^/10

  warzoneratinfostealerrat

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

  • Warzone RAT payload

    rat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2