skip to Main Content

Cybercrime, Avemaria / WarZone RAT is back via false PO

Malware Hunter JAMESWT Technical Analysis

Avemaria / WarZone RAT is back via false PO. The gz attachment contains an exe file: the malware itself. Objective: to steal information from the victim

New global Avemaria / WarZone RAT campaign Purchase Orders (PO) themed.

The gz attachment of the email contains an exe file: the malware itself. The goal of cybercrime is to steal data from the victim, as AveMaria is a Remote Access Trojan (RAT) with the ability to provide remote access to the desktop, act as a keylogger, increase user privileges, steal passwords and more.

Malware C2

Back To Top