WarzoneRAT2
WarzoneRAT/AveMaria RAT 2019 Salary $40/month. sgames.ovh.org C2. PO.exe is a business lure. Credential stealing+UAC bypass.
Threat Profile
Type
RAT
Programming LanguageC++
C2 ProtocolTCP
First Seen2019
Targets
Küresel Kurumsal
Purpose / Capabilities
- Remote Access+Credential
C2 Servers 1
| Address | Port | Protocol | Status | Action |
|---|---|---|---|---|
sgames.ovh.org
|
80 | HTTP | INACTIVE |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (2)
WarzoneRAT/AveMaria -- PO.exe Satın Alma Emri, sgames.ovh.org OVH C2 | Yüksek
WarzoneRAT AveMariaRAT 968KB PO.exe Purchase Order. http://sgames.ovh.org OVH barindirma C2. VBS delivery.
Read Report →WarzoneRAT 2 -- 363KB .NET, BTC P2SH 3RTQGYLSx + 3XTxJKLb, YufC2 Config | Yüksek
WarzoneRAT2 363KB .NET. BTC P2SH: 3RTQGYLSxT + 3XTxJKLblG. YufC2 config fragmenti.
Read Report →