General
-
Target
8102275c886875543a28a56edd9215f8
-
Size
13.0MB
-
Sample
240129-2afkvacab9
-
MD5
8102275c886875543a28a56edd9215f8
-
SHA1
451e70fb4b00605102038935744532d436a73f15
-
SHA256
c88972c80db4fd3a9b15a9ed8d95688be6a1cfbce5030f55f06c596e32d8c785
-
SHA512
af1bbf841e6cc05e26965a9e3d7fff81fb1e8d6c4a751922356743e104f2060163534aa0489ae53e4687b79fc34d3cfd7c59884cfb8d1fe572c1e1fb5c6a74b9
-
SSDEEP
196608:yU7d9xZSt4U7d9xZStSU7d9xZSt4U7d9xZSt9:D7d9xZo7d9xZS7d9xZo7d9xZC
Behavioral task
behavioral1
Sample
8102275c886875543a28a56edd9215f8.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8102275c886875543a28a56edd9215f8.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
Target
8102275c886875543a28a56edd9215f8
Score
10/10
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-