warzonerat | 1c0f69bbb0a2b2572330ec770f627b09dc82cf897a98733c7b214f2a2594546b | Triage

Submit
Reports

Overview

overview

Static

static

3

d816b2f7f7...18.exe

windows7-x64

d816b2f7f7...18.exe

windows10-2004-x64

3

Sharing

General

Target

d816b2f7f7028c523fd36158fc5d7967_JaffaCakes118
Size

330KB
Sample

241208-vhycaszkdy
MD5

d816b2f7f7028c523fd36158fc5d7967
SHA1

da862ae275bbe9c8dc5e88440084e86b0c170036
SHA256

1c0f69bbb0a2b2572330ec770f627b09dc82cf897a98733c7b214f2a2594546b
SHA512

1a2004332762f441f059b35f91f2b1e1c35a6c534f0bfead57d490e92def05b852d2da1b56612e5f6b8c11b2b20457daa7369eef9ac63c2ecd812a64347ec81e
SSDEEP

3072:6xRqJ9VWC29aUzFHBC8ZmNmUBx41o0GGGGGD+ubfzoP6hCuxLqYaod6+ZIad1d:6W9maUzFHb0NmUp+shC3Ya21F

Score

10^/10

warzonerat discovery infostealer rat

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d816b2f7f7028c523fd36158fc5d7967_JaffaCakes118.exe

Resource

win7-20240903-en

warzonerat discovery infostealer rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

d816b2f7f7028c523fd36158fc5d7967_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

20.69.158.38:7400

Targets

- Target
  
  d816b2f7f7028c523fd36158fc5d7967_JaffaCakes118
- Size
  
  330KB
- MD5
  
  d816b2f7f7028c523fd36158fc5d7967
- SHA1
  
  da862ae275bbe9c8dc5e88440084e86b0c170036
- SHA256
  
  1c0f69bbb0a2b2572330ec770f627b09dc82cf897a98733c7b214f2a2594546b
- SHA512
  
  1a2004332762f441f059b35f91f2b1e1c35a6c534f0bfead57d490e92def05b852d2da1b56612e5f6b8c11b2b20457daa7369eef9ac63c2ecd812a64347ec81e
- SSDEEP
  
  3072:6xRqJ9VWC29aUzFHBC8ZmNmUBx41o0GGGGGD+ubfzoP6hCuxLqYaod6+ZIad1d:6W9maUzFHb0NmUp+shC3Ya21F
Score

10^/10

warzonerat discovery infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzonerat family
  warzonerat
- Warzone RAT payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

warzoneratdiscoveryinfostealerrat

behavioral2

© 2018-2025

Terms | Privacy