Warzone 1.0 RAT Analysis Report
ID: 8087564a-cde0-5136-a515-fbaa0aac1bb5
STIX ID: report--8087564a-cde0-5136-a515-fbaa0aac1bb5
Feed Name: DomainTools
**Executive Summary:** This report analyzes the cracked Warzone 1.0 Windows RAT, detailing how its builder produces clients (default C2 port 5200, plaintext TCP), embedded PE modules, persistence via a registry Run key (default 'Google App Update'), credential-stealing and file-transfer capabilities, downloader functionality, and observable forensic/network artifacts—highlighting detection opportunities and attacker options like packing/crypter services.
