Managed XDR

scratch-zoo-2025-04-07...78fa5559fec2c310ed3eb7 (Darktrack, Ozone RAT) — malware analysis report

File info

Filename: scratch-zoo-2025-04-07-eda7fe65ca78fa5559fec2c310ed3eb7
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 611 KB
First seen:
Last seen:

Environment

win7/x86 en

Hashes

SHA1: 7e31c5f4ad61bc9767b069727ef9638a329e6b51
SHA256: a2aefc586d5f7df60883179e77115dd792492bdbb2882d57eca762ecc1941519
MD5: eda7fe65ca78fa5559fec2c310ed3eb7

Malware

  • Darktrack
  • Ozone RAT

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1027.002 packer_entropy: Probably contains compressed or encrypted data
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

yara_rules: Static rules
process_crashed: One of the processes has failed
no_graphical_activity: No graphical activity observed
test_check_service: Starts services
