General
Target: 6897bfda916218257d2dc3a3ade55f36
Size: 579KB
Sample: 240119-zgh87sdhc5
MD5: 6897bfda916218257d2dc3a3ade55f36
SHA1: ccf6f3a31af5f90076b75db27ab81d89bb6e0808
SHA256: 889c96a913e70aa3cf184395ac8ebc9ddd09108f85206a281f382af7aba52fe3
SHA512: e884f5edf7d6b46a1b18294f3e8a71e48e74f71cddd568825393f5e47c63ca7126001a07f8c88266a65dc6c8f4e0082533908aeffbf36584736e7c1dd019b325
SSDEEP: 12288:QUOycCPEyAgcmFcvkrI9rzEs0sxD+ibZD74Djhe4/DIEVuHJub7U2RBVw:VOycpyAJTkEPEs0pibZ3ogeDI7Hkb7BG
Behavioral task: behavioral1
Sample: 6897bfda916218257d2dc3a3ade55f36.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 6897bfda916218257d2dc3a3ade55f36.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
warzonerat
185.19.85.155:1997
Targets
Target: 6897bfda916218257d2dc3a3ade55f36
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Warzone RAT payload
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application