Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a76be79001579a1131b180709c83005caff2ed645a3a676595f428867d37f9d8
-
Size
1.1MB
-
Sample
230922-mvy6cshd88
-
MD5
5a8c0eae3553c80b57a9914a48facc85
-
SHA1
3b1c50bbced02507c2723a5e132e7be562fb14bc
-
SHA256
a76be79001579a1131b180709c83005caff2ed645a3a676595f428867d37f9d8
-
SHA512
08ddba5fce4cef2c55e74983358c8f4a9d8f4f4f9c8dc32340066dde3fd84725339561be8340daae1d47b5cb42ae04baeb0d12ed26241337a4cfd5281522d9fd
-
SSDEEP
24576:wyn95toiT+xnvRpTcPCFXzotnbYcq1WJnKZAt2VuKyS5o2qz:3n97oZvRpg6FXzdcq15ZAt2AKR0
Static task
static1
Behavioral task
behavioral1
Sample
a76be79001579a1131b180709c83005caff2ed645a3a676595f428867d37f9d8.exe
Resource
win10-20230915-en
Malware Config
Targets
-
-
Target
a76be79001579a1131b180709c83005caff2ed645a3a676595f428867d37f9d8
-
Size
1.1MB
-
MD5
5a8c0eae3553c80b57a9914a48facc85
-
SHA1
3b1c50bbced02507c2723a5e132e7be562fb14bc
-
SHA256
a76be79001579a1131b180709c83005caff2ed645a3a676595f428867d37f9d8
-
SHA512
08ddba5fce4cef2c55e74983358c8f4a9d8f4f4f9c8dc32340066dde3fd84725339561be8340daae1d47b5cb42ae04baeb0d12ed26241337a4cfd5281522d9fd
-
SSDEEP
24576:wyn95toiT+xnvRpTcPCFXzotnbYcq1WJnKZAt2VuKyS5o2qz:3n97oZvRpg6FXzdcq15ZAt2AKR0
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1