General
Target: febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1
Size: 1.0MB
Sample: 231011-nd3b5ada84
MD5: 595b16bd709faf941122634c56e94ef1
SHA1: cf3f70beaa9a7b186eb886eee4d847f35e5601b4
SHA256: febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1
SHA512: 5e4478a39ab929c56b978d3027c84d3526f95c99e142402cca405eb5e46f72f70e25914fd64ffb774bc2f1a5602fcf6f9f38952ec46d06050b9893ad71dee0de
SSDEEP: 24576:LyAz23fRfc5hXg68haO3TCeQO4ZAG9OAx1Wy1P:+g23ZEbz6CeQOwf9OA//
Static task: static1
Behavioral task: behavioral1
Sample: febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1.exe
Resource: win10v2004-20230915-en
Malware Config
Targets
Score: 10/10
Detects Healer an antivirus disabler dropper
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)