General
- Target: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3
- Size: 2.9MB
- Sample: 240518-ba8zaacb83
- MD5: 5d6caa17bd3e9f5ae9c70fac8bf8697b
- SHA1: 4168c07b4049982bf7a819b4ea70af72b1dcc6b8
- SHA256: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3
- SHA512: e516e2c20c97949f409cca053b9d7dc31438dcdfcfc529906167ede2005202daccdbeb003164858acce09095b70fa263c5008163083eb1ce7922f25b4f1b6060
- SSDEEP: 24576:eTy7ASmZZcVKfIxTiEVc847flVC6faaQDbGV6eH81k6IbGD2JTu0GoZQDbGV6eHs:eTy7ASmw4gxeOw46fUbNecCCFbNec3
Behavioral task: behavioral1
- Sample: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3.exe
- Resource: win7-20240221-en

Behavioral task: behavioral2
- Sample: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3.exe
- Resource: win10v2004-20240508-en
Malware Config
Targets
- Target: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3
- Size: 2.9MB
- MD5: 5d6caa17bd3e9f5ae9c70fac8bf8697b
- SHA1: 4168c07b4049982bf7a819b4ea70af72b1dcc6b8
- SHA256: 97851f29efbe6376b3178110a93d255cf180cb27beb4998b87356e38813da3c3
- SHA512: e516e2c20c97949f409cca053b9d7dc31438dcdfcfc529906167ede2005202daccdbeb003164858acce09095b70fa263c5008163083eb1ce7922f25b4f1b6060
- SSDEEP: 24576:eTy7ASmZZcVKfIxTiEVc847flVC6faaQDbGV6eH81k6IbGD2JTu0GoZQDbGV6eHs:eTy7ASmw4gxeOw46fUbNecCCFbNec3
Score: 10/10

Signatures
- Modifies WinLogon for persistence
- Modifies visibility of hidden/system files in Explorer
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins, sold as malware-as-a-service (MaaS).
- Warzone RAT payload
- Modifies Installed Components in the registry
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext
MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
- Boot or Logon Autostart Execution (3)
  - Registry Run Keys / Startup Folder (2)
  - Winlogon Helper DLL (1)

Privilege Escalation
- Boot or Logon Autostart Execution (3)
  - Registry Run Keys / Startup Folder (2)
  - Winlogon Helper DLL (1)

Defense Evasion
- Modify Registry (4)
- Hide Artifacts (1)
  - Hidden Files and Directories (1)