General
Target: 68a40e341f28507ebd504564fc8507d3
Size: 338KB
Sample: 240119-zyb68aebh5
MD5: 68a40e341f28507ebd504564fc8507d3
SHA1: aa837e7e44baa5d13be6fb5530454429a4c24e75
SHA256: fea29fb2293dfa888c3ce64dba2e775b2793b7f2edd4bd647dd5d2a96d1bdc04
SHA512: 115f8f59f575e4630b43774f2757746a1860e4d72f28650f19d809479e2126e95414efa6e983991b29bed61e8b1e108fbb77a1426e1d1db447125764cdc443c9
SSDEEP: 6144:oAxdBa/vBDy1NPofTpjPN7O4v9TKcgcosoJ2YwOuMkQryyu2linbMP6u8jxsS4G1:CXgTAVjPNi4KrdJl5Nw2linG/2T4Gux
Static task: static1
Behavioral task: behavioral1
Sample: 68a40e341f28507ebd504564fc8507d3.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 68a40e341f28507ebd504564fc8507d3.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
warzonerat
sdafsdffssffs.ydns.eu:6703
Targets
Target: 68a40e341f28507ebd504564fc8507d3
Score: 10/10
- Detect ZGRat V1
- WarzoneRat, AveMaria: WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
- Warzone RAT payload
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext