Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

209477710b...13.exe

windows7-x64

10

209477710b...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    209477710b17f3ea68ce5643f03553e68c3cc8891b2a4865e07c0f8552c95a13

  • Size

    1.2MB

  • Sample

    231011-3af22sdd86

  • MD5

    344880e215de5d5e250d065df1239a57

  • SHA1

    04c096b71804d0f19c0f157ad18c50c497e21e15

  • SHA256

    209477710b17f3ea68ce5643f03553e68c3cc8891b2a4865e07c0f8552c95a13

  • SHA512

    8324e265f2e29a06568cd93922b44f82c59e4ac9d1280fb0a17607598f3017d6bd354f1dd10a1eff7fb62f18726d961f2afed3ad57c2b0489e85cb9f84e80026

  • SSDEEP

    24576:myi3+K2jmmxl8GYqrCTLDekQZbmlNAg6FWog7IZbNUGCq:1i3r2jmCl8sCfLQcDEWoSmiG

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      209477710b17f3ea68ce5643f03553e68c3cc8891b2a4865e07c0f8552c95a13

    • Size

      1.2MB

    • MD5

      344880e215de5d5e250d065df1239a57

    • SHA1

      04c096b71804d0f19c0f157ad18c50c497e21e15

    • SHA256

      209477710b17f3ea68ce5643f03553e68c3cc8891b2a4865e07c0f8552c95a13

    • SHA512

      8324e265f2e29a06568cd93922b44f82c59e4ac9d1280fb0a17607598f3017d6bd354f1dd10a1eff7fb62f18726d961f2afed3ad57c2b0489e85cb9f84e80026

    • SSDEEP

      24576:myi3+K2jmmxl8GYqrCTLDekQZbmlNAg6FWog7IZbNUGCq:1i3r2jmCl8sCfLQcDEWoSmiG

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks