General

  • Target

    sb.exe

  • Size

    1MB

  • Sample

    210928-lq26sabdh3

  • MD5

    e310cb3185d95e3dda42f0230b569d84

  • SHA1

    c20c8aa953f7df7e9b117258a0d31530e23ffc55

  • SHA256

    82867648313483db4a6115e0cc2b34c06719ffdb6667e50e625e2dc130adfbca

  • SHA512

    a0c4a70bc09ea2eb36a1a27af65891d866beec07a1c21208e0b05e549d3d2f7619bef9012dab9e121e53a6a1a56d642bfb5435520292dd879e30f4db71789bbd

Malware Config

Extracted

  • Family

    warzonerat

  • C2

    cachepallioniwarznpa.icu:5200

Targets

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT written in C++ with multiple plugins, sold as malware-as-a-service (MaaS).
