Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

58f983d864...3d.exe

windows7-x64

10

58f983d864...3d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    58f983d8647b0ea9e6f71bd1736a983d.exe

  • Size

    98KB

  • Sample

    221202-x4ylasag8t

  • MD5

    58f983d8647b0ea9e6f71bd1736a983d

  • SHA1

    6e6285384012ae45de920c7156731f2a1ff63545

  • SHA256

    3d3d4c7153e535faa3e9933521d5072dfdaf15aef32743961df4d030fcd86105

  • SHA512

    4df48ed590ccd10e4b9c188604ccb6d116438fb83cb3abe5a7746ee2e5e97cd8003f2206d48d551cf220336cfe5c72f0451d246560a0079c1216b7deac03669e

  • SSDEEP

    1536:5Csejmb+6BQyusX1UjtA0uWRf/eloc/9T1jVEyp:AtD6jSm0uWRfCogTjVEG

Score
10/10
warzoneratinfostealerrat

Malware Config

Extracted

Family

warzonerat

C2

4.tcp.eu.ngrok.io:18570

Targets

    • Target

      58f983d8647b0ea9e6f71bd1736a983d.exe

    • Size

      98KB

    • MD5

      58f983d8647b0ea9e6f71bd1736a983d

    • SHA1

      6e6285384012ae45de920c7156731f2a1ff63545

    • SHA256

      3d3d4c7153e535faa3e9933521d5072dfdaf15aef32743961df4d030fcd86105

    • SHA512

      4df48ed590ccd10e4b9c188604ccb6d116438fb83cb3abe5a7746ee2e5e97cd8003f2206d48d551cf220336cfe5c72f0451d246560a0079c1216b7deac03669e

    • SSDEEP

      1536:5Csejmb+6BQyusX1UjtA0uWRf/eloc/9T1jVEyp:AtD6jSm0uWRfCogTjVEG

    Score
    10/10
    warzoneratinfostealerrat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat

    • Warzone RAT payload

      rat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks