General
Target: a4a86280d6cd485aa0eaa07957aa779860fdc32e23905b1758749593885818dc
Size: 1.1MB
Sample: 231011-vbs41acd87
MD5: bc58648ee1962c1b21649ef2398ec057
SHA1: 2080ebc379953437520c68cd3d287240bb1eba15
SHA256: a4a86280d6cd485aa0eaa07957aa779860fdc32e23905b1758749593885818dc
SHA512: 0a23ff331c57d7e15ff77b61766c5893c7637a49f545e8fd91c5e7f9a751a9a1fbc94d7b47eeaf9afc02a3a78d262899bca60d662240e37978ff165cc79f97eb
SSDEEP: 24576:JynB4cKkYMJs6EuISA53SBIV7Zmyjq5e+:8SnktzEVSA53CgDj
Static task: static1
Behavioral task: behavioral1
Sample: a4a86280d6cd485aa0eaa07957aa779860fdc32e23905b1758749593885818dc.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: a4a86280d6cd485aa0eaa07957aa779860fdc32e23905b1758749593885818dc.exe
Resource: win10v2004-20230915-en
Malware Config
Targets
Score: 10/10
Detects Healer an antivirus disabler dropper
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
  Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
  Windows Service: 1