warzonerat | 4ac725ff452104c51cf1cd896797b3c46dfd9fdff4fcb4cb0b78b74a122bcd60 | Triage

Submit
Reports

Overview

overview

Static

static

3

um_x64.exe

windows11-21h2-x64

Resubmissions

18-05-2024 13:17

240518-qjmvqsdc72 10

18-05-2024 13:15

240518-qhnqmsdb99 7

Sharing

General

Target

um_x64.exe
Size

2.2MB
Sample

240518-qjmvqsdc72
MD5

e2fc229dbf8224232d5281b1b9c12aca
SHA1

36c57d932bff9db9c221911fcc676f00c21cf4e6
SHA256

4ac725ff452104c51cf1cd896797b3c46dfd9fdff4fcb4cb0b78b74a122bcd60
SHA512

95d1e3383445210e4cc4574baf7fcd68fb68099f202534108a5120ce776f93b777d112a0175ee41ad5e91b18bddc864ebb89fe7c8817769c3fd16762f1e2a27b
SSDEEP

12288:hw3Pj/+DfNCKml36Ych32o0Fcmr/bXrKT9xiAJ65TTlBDa+zB2av:C3LsN8

Score

10^/10

warzonerat execution infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

um_x64.exe

Resource

win11-20240508-en

warzonerat execution infostealer rat

windows11-21h2-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  um_x64.exe
- Size
  
  2.2MB
- MD5
  
  e2fc229dbf8224232d5281b1b9c12aca
- SHA1
  
  36c57d932bff9db9c221911fcc676f00c21cf4e6
- SHA256
  
  4ac725ff452104c51cf1cd896797b3c46dfd9fdff4fcb4cb0b78b74a122bcd60
- SHA512
  
  95d1e3383445210e4cc4574baf7fcd68fb68099f202534108a5120ce776f93b777d112a0175ee41ad5e91b18bddc864ebb89fe7c8817769c3fd16762f1e2a27b
- SSDEEP
  
  12288:hw3Pj/+DfNCKml36Ych32o0Fcmr/bXrKT9xiAJ65TTlBDa+zB2av:C3LsN8
Score

10^/10

warzonerat execution infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Drops startup file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

warzoneratexecutioninfostealerrat

© 2018-2024

Terms | Privacy