Overview

overview

10

Static

static

1

URLScan

urlscan

https://github.com/H...

windows7-x64

10

Resubmissions

25-09-2024 12:52

240925-p343paweln 6

24-09-2024 15:56

240924-tdvj6ssall 6

24-09-2024 15:33

240924-szaapavbmg 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://github.com/HalilDeniz/RansomwareSim

  • Sample

    240924-szaapavbmg

Score
10/10
warzoneratdiscoveryevasioninfostealerratrezer0upx

Malware Config

Extracted

Family

warzonerat

C2

168.61.222.215:5400

Targets

    • Target

      https://github.com/HalilDeniz/RansomwareSim

    Score
    10/10
    warzoneratdiscoveryevasioninfostealerratrezer0upx

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat

    • ReZer0 packer

      Detects ReZer0, a packer with multiple versions used in various campaigns.

      rezer0

    • Warzone RAT payload

      rat

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks