Managed XDR

server.exe (Ozone RAT) — malware analysis report

File info

Filename: server.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 56 KB
First seen: 2025-07-10 00:24
Last seen: 2025-07-10 00:24

Environment

win7/x86 en

Hashes

SHA1: df183d7e520831d04159a4aa58f561588a018302
SHA256: 079c0f6936f187ac7b7886e7d85ac0ac3ac0159eaedd19493d8840c4d0b7ad80
MD5: 91d517f55b1d43fd59d4706b1e9d55b0

Malwares

Ozone RAT

Signatures

Privilege Escalation

T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules

suricata_alert: Malicious traffic detected

no_graphical_activity: No graphic activity

Related reports

Managed XDR