Extracted

• • Target

    198bc9cde188f8229f40d54e8dbcec56_JaffaCakes118

  • Size

    325KB

  • MD5

    198bc9cde188f8229f40d54e8dbcec56

  • SHA1

    6947fbd92ac49cc3cbf3f062e9705a38db8032bd

  • SHA256

    a5965262b70db7a0f88bb86d6b518b26c7d382f9ccb61e2dbe773e3f8758b49c

  • SHA512

    78ee2485040d7eb202c991f4ff67907e0be95965a09148b72b6e66b5f18dbaa307bd6d1eaf46a06f17e0210c7cc754b285139396d5847a2946912b7e98785d7b

  • SSDEEP

    3072:z3RqJ9VWC29aUzFHBC8ZmNmsBx41o0GGGGGD+ubfzoP6hCuxLzYaoT/pIpCOn:zY9maUzFHb0Nm8p+shCaYaIGCO

  Score

  10^/10

  warzoneratdiscoveryinfostealerrat

  • WarzoneRat, AveMaria

    WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

    ratinfostealerwarzonerat

  • Warzone RAT payload

    rat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2