warzonerat | 7fc0d71f829d9c2814387674b86540f99890034f8dbf40fde9ae0bd539a9174d | Triage

Sharing

General

Target

7fc0d71f829d9c2814387674b86540f99890034f8dbf40fde9ae0bd539a9174dN.exe
Size

98KB
Sample

241129-gx9f8azmev
MD5

2a5bbfc2533288be758d43d1f9928570
SHA1

cfb1f22df1587a84c80c41f2fcbe75686e111f18
SHA256

7fc0d71f829d9c2814387674b86540f99890034f8dbf40fde9ae0bd539a9174d
SHA512

e1bfb777456933501806adf8f39acd9ee4c186084195cc6e12c2a5383cd17157cecae6447c8e259d6800ebbe4eb4676013f4ceecfc4b003f072e727ee282e76f
SSDEEP

1536:7CsqDw2ost58PNkDtPMpcJBO9YcXVF11jVEyB:mpjZ+cJBSYUVdjVE2

Score

10^/10

warzonerat discovery infostealer rat

Malware Config

Extracted

Family

warzonerat

C2

wealth.warzonedns.com:5202

Targets

- Target
  
  7fc0d71f829d9c2814387674b86540f99890034f8dbf40fde9ae0bd539a9174dN.exe
- Size
  
  98KB
- MD5
  
  2a5bbfc2533288be758d43d1f9928570
- SHA1
  
  cfb1f22df1587a84c80c41f2fcbe75686e111f18
- SHA256
  
  7fc0d71f829d9c2814387674b86540f99890034f8dbf40fde9ae0bd539a9174d
- SHA512
  
  e1bfb777456933501806adf8f39acd9ee4c186084195cc6e12c2a5383cd17157cecae6447c8e259d6800ebbe4eb4676013f4ceecfc4b003f072e727ee282e76f
- SSDEEP
  
  1536:7CsqDw2ost58PNkDtPMpcJBO9YcXVF11jVEyB:mpjZ+cJBSYUVdjVE2
Score

10^/10

warzonerat discovery infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzonerat family
  warzonerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratdiscoveryinfostealerrat

behavioral2

warzoneratdiscoveryinfostealerrat