Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

c7e68f6c12...3e.exe

windows7-x64

10

c7e68f6c12...3e.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c7e68f6c127994363927fda99e96c53e.exe

  • Size

    2.5MB

  • Sample

    230705-g1g65scc5x

  • MD5

    c7e68f6c127994363927fda99e96c53e

  • SHA1

    9f88fa05eead627838d9b114fcb27121f0148bf6

  • SHA256

    ff49f132c704dd427042dcd0a58c5522be6e165c40efdeb17c042217f3b0fe9c

  • SHA512

    b02732aba26620700680c457cb95eff326f150826c51daea82f0f517121a29fdc19679f600ccedaf07d1b6928303ca759bc6533a2ed9d287e5330e5c6bb2a366

  • SSDEEP

    24576:B47stUFlg46o/LJiFBIbGAq4OCgwYM/wARmPj5tS7vp1LX7J4Cx4G2FYkr:B4wtUFlg4/2i4pFYk

Score
10/10
warzoneratinfostealerpersistencerat

Malware Config

Targets

    • Target

      c7e68f6c127994363927fda99e96c53e.exe

    • Size

      2.5MB

    • MD5

      c7e68f6c127994363927fda99e96c53e

    • SHA1

      9f88fa05eead627838d9b114fcb27121f0148bf6

    • SHA256

      ff49f132c704dd427042dcd0a58c5522be6e165c40efdeb17c042217f3b0fe9c

    • SHA512

      b02732aba26620700680c457cb95eff326f150826c51daea82f0f517121a29fdc19679f600ccedaf07d1b6928303ca759bc6533a2ed9d287e5330e5c6bb2a366

    • SSDEEP

      24576:B47stUFlg46o/LJiFBIbGAq4OCgwYM/wARmPj5tS7vp1LX7J4Cx4G2FYkr:B4wtUFlg4/2i4pFYk

    Score
    10/10
    warzoneratinfostealerpersistencerat

    • WarzoneRat, AveMaria

      WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.

      ratinfostealerwarzonerat

    • Warzone RAT payload

      rat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks