Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
81753d0ff22805a51201089fbe9d563e
-
Size
412KB
-
Sample
240130-eyhzjshfak
-
MD5
81753d0ff22805a51201089fbe9d563e
-
SHA1
30446f0d7036fa7bbc69b429b66cf7668ffef757
-
SHA256
7a2efc884ed3f2c590ab5f93423e06ed2451376c980e707698e3c2e5eddecca8
-
SHA512
2103146dfa0fb4141fbf57e033b5d097e64a4881be0b5913417fec0320ade1d3bb03e8799af9be3ef0cd437de0906b7e1fdd3d707ade61f7a47850f84719d784
-
SSDEEP
6144:alz0902fTvXqongliaA2lcFJw/WMKo8klOq83t6QKX3xQtPmCX4A2jbZaa8:aybvTgliaA2YwJoU1x+X4A2Za/
Static task
static1
Behavioral task
behavioral1
Sample
81753d0ff22805a51201089fbe9d563e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
81753d0ff22805a51201089fbe9d563e.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
warzonerat
duck50501.hopto.org:50501
Targets
-
-
Target
81753d0ff22805a51201089fbe9d563e
-
Size
412KB
-
MD5
81753d0ff22805a51201089fbe9d563e
-
SHA1
30446f0d7036fa7bbc69b429b66cf7668ffef757
-
SHA256
7a2efc884ed3f2c590ab5f93423e06ed2451376c980e707698e3c2e5eddecca8
-
SHA512
2103146dfa0fb4141fbf57e033b5d097e64a4881be0b5913417fec0320ade1d3bb03e8799af9be3ef0cd437de0906b7e1fdd3d707ade61f7a47850f84719d784
-
SSDEEP
6144:alz0902fTvXqongliaA2lcFJw/WMKo8klOq83t6QKX3xQtPmCX4A2jbZaa8:aybvTgliaA2YwJoU1x+X4A2Za/
Score10/10-
Detect ZGRat V1
-
Detects BazaLoader malware
BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Suspicious use of SetThreadContext
-