General
Target: 6e53941032a0ce82eae1939e5759c0af
Size: 833KB
Sample: 240122-ble6cadccj
MD5: 6e53941032a0ce82eae1939e5759c0af
SHA1: eaf57bcca6eab53654114ba72cc46d794c95742a
SHA256: 75cedf587e2b711c449d65f2113736a19c5de0df619ce27891587ce5cb84ee76
SHA512: 75adfcc32c109339af4e0540f0ae2f31536ef011e65ef1b543d5d81468426d57e885870b02eb31c71c7b882ac39a43c20d6e2f7a0c20c0c55b3d586a168baa10
SSDEEP: 6144:1wEvNYgMAUuVR5gO95HiX/ui5GmE1VvfQp3G9hkS8ntr2Xs33bAqB8dv4Tm2rfr5:1NtTSdroXQpqBKtkq1S2rTqDW
Static task: static1
Behavioral task: behavioral1
Sample: 6e53941032a0ce82eae1939e5759c0af.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 6e53941032a0ce82eae1939e5759c0af.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
warzonerat
ugob.ddns.net:5200
Targets
Target: 6e53941032a0ce82eae1939e5759c0af
Score: 10/10
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
Warzone RAT payload
Executes dropped EXE
Suspicious use of SetThreadContext