Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
67c61f920f0e566d885675918b82eb20
-
Size
243KB
-
Sample
240119-q3wa8afgd6
-
MD5
67c61f920f0e566d885675918b82eb20
-
SHA1
2612f97862584dc7801c55d80fd2ec4fcace650f
-
SHA256
b93b6510f3e02f05d3ff428864acc1374e4f3a9f2ade309c0e6a85a2b2ba13a5
-
SHA512
c20ed92be3d23abd006b4802f036b3bf0d22275d1684f8c75a5031f5a4e160d9ac60482444042d08b66355f5cb4d077b58adeeb915bf748c020f03cdfa163f5d
-
SSDEEP
6144:b3bdKRSwucLYkb/xbENMjYgtXNUmvZjoKR/SvH4gTuXF/5OqI:b5XwFtwNQHMmdom/Sf2Xt7I
Static task
static1
Behavioral task
behavioral1
Sample
67c61f920f0e566d885675918b82eb20.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
67c61f920f0e566d885675918b82eb20.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
warzonerat
188.72.124.14:1986
Targets
-
-
Target
67c61f920f0e566d885675918b82eb20
-
Size
243KB
-
MD5
67c61f920f0e566d885675918b82eb20
-
SHA1
2612f97862584dc7801c55d80fd2ec4fcace650f
-
SHA256
b93b6510f3e02f05d3ff428864acc1374e4f3a9f2ade309c0e6a85a2b2ba13a5
-
SHA512
c20ed92be3d23abd006b4802f036b3bf0d22275d1684f8c75a5031f5a4e160d9ac60482444042d08b66355f5cb4d077b58adeeb915bf748c020f03cdfa163f5d
-
SSDEEP
6144:b3bdKRSwucLYkb/xbENMjYgtXNUmvZjoKR/SvH4gTuXF/5OqI:b5XwFtwNQHMmdom/Sf2Xt7I
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Suspicious use of SetThreadContext
-