warzonerat | 256f89cfbf01246465bf2825fbcc8e8299e727bf6ae7e95ebf5951df5f38a158 | Triage

Submit
Reports

Overview

overview

Static

static

3

New order.scr

windows7-x64

New order.scr

windows10-2004-x64

Sharing

General

Target

256f89cfbf01246465bf2825fbcc8e8299e727bf6ae7e95ebf5951df5f38a158
Size

501KB
Sample

241017-lfpsps1gra
MD5

ffefd95405c8a6c3a2bdb0e142d6e418
SHA1

15a6b5cc053b7c92a31c2b5a0f85432d4af58f40
SHA256

256f89cfbf01246465bf2825fbcc8e8299e727bf6ae7e95ebf5951df5f38a158
SHA512

b67a4052a9a10514ad158ccb110fbe761b8da42951e6e839bbc44e787fac30f088a198a39284a24824cf104a3cac5ff73bed61465e1e8b6edce7f59a4ec69681
SSDEEP

12288:LaTBUySYLrJ9xtO8lDgkwIlsESIxqqKY4FIyyA4W1acBWJna/GE3ZAQ6:0vJjVUIqESokzBr4naFq

Score

10^/10

warzonerat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

New order.scr

Resource

win7-20240903-en

warzonerat discovery infostealer rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

New order.scr

Resource

win10v2004-20241007-en

warzonerat discovery infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

103.161.133.139:222

Targets

- Target
  
  New order.scr
- Size
  
  514KB
- MD5
  
  f3c47c8e567df8678fb83a825baa5789
- SHA1
  
  1c17a349f537f276685c4f3f7eb1da18193f2e23
- SHA256
  
  57938cb80e99cf9a194713f9881ade81408229ce437ec8cd0e632c25a14d2bda
- SHA512
  
  7d72c5ca458f7e6efbfa8729a5af36db06016d94e25c6c7da36eb9f585545ed3fc891d37dea999b2a87602da2a0fb5f70d556f482631fd5091b0c0e612b337fe
- SSDEEP
  
  12288:A1RveBYTrDxr5fKuuGMz6z9BokDCQTyBX2XLh6Ezp1XlJcLL:A1RWBYVlK7GMGBBoqCQTyBGXLhdt11JC
Score

10^/10

warzonerat discovery infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratdiscoveryinfostealerrat

behavioral2

warzoneratdiscoveryinfostealerrat

© 2018-2025

Terms | Privacy