warzonerat | 5ad6cab84ddc89823beee12915852cf7d629fd637465282a59747368be1df104 | Triage

Submit
Reports

Overview

overview

Static

static

5

b2fcf484a4...18.exe

windows7-x64

b2fcf484a4...18.exe

windows10-2004-x64

Sharing

General

Target

b2fcf484a403c55e6a844681e4363741_JaffaCakes118
Size

1.1MB
Sample

240616-mccveatbrp
MD5

b2fcf484a403c55e6a844681e4363741
SHA1

f1755359485433fde6eaa53b32612a8c7c0cfb51
SHA256

5ad6cab84ddc89823beee12915852cf7d629fd637465282a59747368be1df104
SHA512

2ce1778d7145c1ba53a104451583124a1d529b8f1e94fc94533ed28ed40d1e169dafe5aae7f305b6b2fb8e0085e46f52e4926c4383ec25ef78f57398b5f65205
SSDEEP

24576:IAHnh+eWsN3skA4RV1Hom2KXMmHacmDnNeDtoFu5:Ph+ZkldoPK8Yac9om

Score

10^/10

warzonerat infostealer rat

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b2fcf484a403c55e6a844681e4363741_JaffaCakes118.exe

Resource

win7-20240220-en

warzonerat infostealer rat

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2fcf484a403c55e6a844681e4363741_JaffaCakes118.exe

Resource

win10v2004-20240611-en

warzonerat infostealer rat

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

warzonerat

C2

dnanux12.servehttp.com:24197

Targets

- Target
  
  b2fcf484a403c55e6a844681e4363741_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  b2fcf484a403c55e6a844681e4363741
- SHA1
  
  f1755359485433fde6eaa53b32612a8c7c0cfb51
- SHA256
  
  5ad6cab84ddc89823beee12915852cf7d629fd637465282a59747368be1df104
- SHA512
  
  2ce1778d7145c1ba53a104451583124a1d529b8f1e94fc94533ed28ed40d1e169dafe5aae7f305b6b2fb8e0085e46f52e4926c4383ec25ef78f57398b5f65205
- SSDEEP
  
  24576:IAHnh+eWsN3skA4RV1Hom2KXMmHacmDnNeDtoFu5:Ph+ZkldoPK8Yac9om
Score

10^/10

warzonerat infostealer rat
- WarzoneRat, AveMaria
  WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
  rat infostealer warzonerat
- Warzone RAT payload
  rat
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

warzoneratinfostealerrat

behavioral2

warzoneratinfostealerrat

© 2018-2024

Terms | Privacy