warzonerat | d19591696ed38c40ff3f364a619774f2c0af428e9698c72cf7c644117046b031 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e8ccebd6463cb38312f3c9c646f1e80N.exe
Size

98KB
Sample

240803-jqy31s1hld
MD5

6e8ccebd6463cb38312f3c9c646f1e80
SHA1

79ab9d51ce36b26f19207aea9c9b8cff57967c7a
SHA256

d19591696ed38c40ff3f364a619774f2c0af428e9698c72cf7c644117046b031
SHA512

586819801443f16378750a7047f02440a47966269215bd41945c416490aa3f63e357d0c2245cf632141fa29d43ee9ed3112774d7ece904456fbdc395c9a20ec6
SSDEEP

1536:LCsijmb+6BQyusX1UjtA0uWRf/elocc9F1jVEyn:GxD6jSm0uWRfCo/FjVEs

Score

10^/10

warzonerat discovery infostealer rat

Malware Config

Extracted

Family

warzonerat

C2

wealth.warzonedns.com:5202

Targets

- Target
  
  6e8ccebd6463cb38312f3c9c646f1e80N.exe
- Size
  
  98KB
- MD5
  
  6e8ccebd6463cb38312f3c9c646f1e80
- SHA1
  
  79ab9d51ce36b26f19207aea9c9b8cff57967c7a
- SHA256
  
  d19591696ed38c40ff3f364a619774f2c0af428e9698c72cf7c644117046b031
- SHA512
  
  586819801443f16378750a7047f02440a47966269215bd41945c416490aa3f63e357d0c2245cf632141fa29d43ee9ed3112774d7ece904456fbdc395c9a20ec6
- SSDEEP
  
  1536:LCsijmb+6BQyusX1UjtA0uWRf/elocc9F1jVEyn:GxD6jSm0uWRfCo/FjVEs
Score

10^/10

warzonerat discovery infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratdiscoveryinfostealerrat

behavioral2

warzoneratdiscoveryinfostealerrat