Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a7f68a392242919213f36bbb1ecd1040c77cf2dbc81131a2594b19b32ee96d1d
-
Size
1.4MB
-
Sample
231003-xfcnxseh9s
-
MD5
dab8609831dccca44f08305d9da25e78
-
SHA1
0d94965f0db044e45d75d04016ee938fd3294292
-
SHA256
a7f68a392242919213f36bbb1ecd1040c77cf2dbc81131a2594b19b32ee96d1d
-
SHA512
19bbaef5ed5f0cc7a91baab92dde2b7b08732c20aa2401e71540b6707a3e068409eb1197dd86d523e7df68e942bf9611a0fab2a3b61f23bfc090ab2fc0d988d3
-
SSDEEP
24576:/yUb5MxcqcJHVLBdBRFcn2lL0RTMg6DsU2+vIfdCwSClnqxMv7Nkx/yRQjHrUloM:KE5M2qcTLX5d0RCf2+iwmnZvStZLr4oM
Malware Config
Targets
-
-
Target
a7f68a392242919213f36bbb1ecd1040c77cf2dbc81131a2594b19b32ee96d1d
-
Size
1.4MB
-
MD5
dab8609831dccca44f08305d9da25e78
-
SHA1
0d94965f0db044e45d75d04016ee938fd3294292
-
SHA256
a7f68a392242919213f36bbb1ecd1040c77cf2dbc81131a2594b19b32ee96d1d
-
SHA512
19bbaef5ed5f0cc7a91baab92dde2b7b08732c20aa2401e71540b6707a3e068409eb1197dd86d523e7df68e942bf9611a0fab2a3b61f23bfc090ab2fc0d988d3
-
SSDEEP
24576:/yUb5MxcqcJHVLBdBRFcn2lL0RTMg6DsU2+vIfdCwSClnqxMv7Nkx/yRQjHrUloM:KE5M2qcTLX5d0RCf2+iwmnZvStZLr4oM
Score10/10-
Detects Healer an antivirus disabler dropper
-
Healer
Healer an antivirus disabler dropper.
-
Modifies Windows Defender Real-time Protection settings
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1