Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
83cf1c8f4ccefbaf6881bf3d47236184
-
Size
402KB
-
Sample
240131-h7j5rafbf9
-
MD5
83cf1c8f4ccefbaf6881bf3d47236184
-
SHA1
81b2b3c9962892d5a4d7bcd9c8a51ab02a8809bb
-
SHA256
5b185af278fe0bdf4ed8724f98efa63f50c2bfc5a3d704d31e7a1d08a8089d39
-
SHA512
0d91b62501faf983bfcd54718f1ca031e69cfc2bb0251dc5a09aa765eae4be741f1b2116baba70e096569a69214b80886f8ab67ee5b50cbbe7762663cd586e39
-
SSDEEP
12288:it2LMr2rKMDtGaMjxmovL9QVIvDWxWd6hg:qkMIxGasdZQ/9y
Static task
static1
Behavioral task
behavioral1
Sample
83cf1c8f4ccefbaf6881bf3d47236184.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
83cf1c8f4ccefbaf6881bf3d47236184.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
warzonerat
sdafsdffssffs.ydns.eu:6703
Targets
-
-
Target
83cf1c8f4ccefbaf6881bf3d47236184
-
Size
402KB
-
MD5
83cf1c8f4ccefbaf6881bf3d47236184
-
SHA1
81b2b3c9962892d5a4d7bcd9c8a51ab02a8809bb
-
SHA256
5b185af278fe0bdf4ed8724f98efa63f50c2bfc5a3d704d31e7a1d08a8089d39
-
SHA512
0d91b62501faf983bfcd54718f1ca031e69cfc2bb0251dc5a09aa765eae4be741f1b2116baba70e096569a69214b80886f8ab67ee5b50cbbe7762663cd586e39
-
SSDEEP
12288:it2LMr2rKMDtGaMjxmovL9QVIvDWxWd6hg:qkMIxGasdZQ/9y
Score10/10-
Detect ZGRat V1
-
Detects BazaLoader malware
BazaLoader is a trojan that transmits logs to the Command and Control (C2) server, encoding them in BASE64 format through GET requests.
-
WarzoneRat, AveMaria
WarzoneRat is a native RAT developed in C++ with multiple plugins sold as a MaaS.
-
Warzone RAT payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-