Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
805e62c60c0fc996052caad800bfe9de
-
Size
579KB
-
Sample
240129-vfsn2agaej
-
MD5
805e62c60c0fc996052caad800bfe9de
-
SHA1
a3a8a7d304691894ee8eab7684a134d0ad38bf87
-
SHA256
91127e1d80f2ac634530968fd69487cd1b919694440ce1d2858577411e33b166
-
SHA512
66c7f3fc3a5a3d53567d01ec3ccac794e9024e818eb203621effb0a3cb1ba7790a4a0acb1c9fec53500e0102cde1717ed1d5a6837b7e298e8ee566a214623a13
-
SSDEEP
12288:9UOycCPEyAgcmFcvkrI9rzEs0sxD+ibZD74Djhe4/DIEVuHJub7U2RBVw:OOycpyAJTkEPEs0pibZ3ogeDI7Hkb7BG
Behavioral task
behavioral1
Sample
805e62c60c0fc996052caad800bfe9de.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
805e62c60c0fc996052caad800bfe9de.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
warzonerat
185.19.85.155:1997
Targets
-
-
Target
805e62c60c0fc996052caad800bfe9de
-
Size
579KB
-
MD5
805e62c60c0fc996052caad800bfe9de
-
SHA1
a3a8a7d304691894ee8eab7684a134d0ad38bf87
-
SHA256
91127e1d80f2ac634530968fd69487cd1b919694440ce1d2858577411e33b166
-
SHA512
66c7f3fc3a5a3d53567d01ec3ccac794e9024e818eb203621effb0a3cb1ba7790a4a0acb1c9fec53500e0102cde1717ed1d5a6837b7e298e8ee566a214623a13
-
SSDEEP
12288:9UOycCPEyAgcmFcvkrI9rzEs0sxD+ibZD74Djhe4/DIEVuHJub7U2RBVw:OOycpyAJTkEPEs0pibZ3ogeDI7Hkb7BG
Score10/10-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-