Overview

overview

10

Static

static

10

85c03635b6...cs.exe

windows7-x64

10

85c03635b6...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    85c03635b62b659a658ad8c01b783b90_NeikiAnalytics.exe

  • Size

    152KB

  • Sample

    240601-ajax6sbd97

  • MD5

    85c03635b62b659a658ad8c01b783b90

  • SHA1

    c56b1058d57cd74327023245743e9b7c8582406e

  • SHA256

    14d185a1515ce819096e92186ffe80e3ea9a0b7d7c1588d6db8818ee1b05a5fe

  • SHA512

    34ab4af5961e8436afeb67953afbef442f62faf3c0783f428bedd0c1e0ba789523439570bb96e4c58f807cb858a6cdb82ade89be509137fd97f3dd535d72301c

  • SSDEEP

    3072:4NLOpnhTdOw9YAJOzIYrgVl01T2ENipdD10z5:4NLYdT97JSIHl0QENqC

Score
10/10
bazaloaderwarzoneratinfostealerrattrojan

Malware Config

Extracted

Family

warzonerat

C2

91.192.100.10:10011

Targets

    • Target

      85c03635b62b659a658ad8c01b783b90_NeikiAnalytics.exe

    • Size

      152KB

    • MD5

      85c03635b62b659a658ad8c01b783b90

    • SHA1

      c56b1058d57cd74327023245743e9b7c8582406e

    • SHA256

      14d185a1515ce819096e92186ffe80e3ea9a0b7d7c1588d6db8818ee1b05a5fe

    • SHA512

      34ab4af5961e8436afeb67953afbef442f62faf3c0783f428bedd0c1e0ba789523439570bb96e4c58f807cb858a6cdb82ade89be509137fd97f3dd535d72301c

    • SSDEEP

      3072:4NLOpnhTdOw9YAJOzIYrgVl01T2ENipdD10z5:4NLYdT97JSIHl0QENqC

    Score
    10/10
    warzoneratinfostealerrat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks