Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

febf4dbb5e...a1.exe

windows7-x64

10

febf4dbb5e...a1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1

  • Size

    1.0MB

  • Sample

    231011-nd3b5ada84

  • MD5

    595b16bd709faf941122634c56e94ef1

  • SHA1

    cf3f70beaa9a7b186eb886eee4d847f35e5601b4

  • SHA256

    febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1

  • SHA512

    5e4478a39ab929c56b978d3027c84d3526f95c99e142402cca405eb5e46f72f70e25914fd64ffb774bc2f1a5602fcf6f9f38952ec46d06050b9893ad71dee0de

  • SSDEEP

    24576:LyAz23fRfc5hXg68haO3TCeQO4ZAG9OAx1Wy1P:+g23ZEbz6CeQOwf9OA//

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1

    • Size

      1.0MB

    • MD5

      595b16bd709faf941122634c56e94ef1

    • SHA1

      cf3f70beaa9a7b186eb886eee4d847f35e5601b4

    • SHA256

      febf4dbb5e35cd83410431aff439b45a830b2b372ad65586701e733e6e7f32a1

    • SHA512

      5e4478a39ab929c56b978d3027c84d3526f95c99e142402cca405eb5e46f72f70e25914fd64ffb774bc2f1a5602fcf6f9f38952ec46d06050b9893ad71dee0de

    • SSDEEP

      24576:LyAz23fRfc5hXg68haO3TCeQO4ZAG9OAx1Wy1P:+g23ZEbz6CeQOwf9OA//

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks