warzonerat | 373e9f9e8731f1a4f9d100a06d8a8a1bd081b8ce99673f84ecd7efd91c925d2e | Triage

Sharing

General

Target

373e9f9e8731f1a4f9d100a06d8a8a1bd081b8ce99673f84ecd7efd91c925d2eN.exe
Size

98KB
Sample

241129-w9yyks1jfy
MD5

6dd1d473c17f5f6b0c4f90e77f858f60
SHA1

80b305e32acc0a9baf650f7482de914ee9514b9e
SHA256

373e9f9e8731f1a4f9d100a06d8a8a1bd081b8ce99673f84ecd7efd91c925d2e
SHA512

639522467f916cfb6a2e0267bbfc26093611ed8d0422aff935a5db40f0c2f4102296376b4206d469abe023690869e87f2e3747babb291ad1b11a789cc0eccc1e
SSDEEP

1536:b60eDNKgTAgkw+BMrtU4FxW5Aku5is1jVEyA:Ol3ThS4FxeAdRjVEX

Score

10^/10

warzonerat discovery infostealer rat

Malware Config

Extracted

Family

warzonerat

C2

wealth.warzonedns.com:5202

Targets

- Target
  
  373e9f9e8731f1a4f9d100a06d8a8a1bd081b8ce99673f84ecd7efd91c925d2eN.exe
- Size
  
  98KB
- MD5
  
  6dd1d473c17f5f6b0c4f90e77f858f60
- SHA1
  
  80b305e32acc0a9baf650f7482de914ee9514b9e
- SHA256
  
  373e9f9e8731f1a4f9d100a06d8a8a1bd081b8ce99673f84ecd7efd91c925d2e
- SHA512
  
  639522467f916cfb6a2e0267bbfc26093611ed8d0422aff935a5db40f0c2f4102296376b4206d469abe023690869e87f2e3747babb291ad1b11a789cc0eccc1e
- SSDEEP
  
  1536:b60eDNKgTAgkw+BMrtU4FxW5Aku5is1jVEyA:Ol3ThS4FxeAdRjVEX
Score

10^/10

warzonerat discovery infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzonerat family
  warzonerat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratdiscoveryinfostealerrat

behavioral2

warzoneratdiscoveryinfostealerrat