Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5
-
Size
1.0MB
-
Sample
231012-bkxzrshb52
-
MD5
a737a998ceeaf29e58d3ef21d274af76
-
SHA1
f06d99ed7f79df0351136e1a4b35c67c104407ff
-
SHA256
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5
-
SHA512
8138c420740f4ab4906868eb70af9b0b1705af50e8b7cdc98d688cbabac8657f3496e3a18cdacb206abbed992473ccf8e00ba76cb97a7a579f0780bb76617d95
-
SSDEEP
24576:wydJ8j9l9V8Jg0PcSZALJluvmZrd5gs0kHrkenj8PT/g:3dJ+5V8JgIALJqmZrd5t0Uoenjw
Static task
static1
Behavioral task
behavioral1
Sample
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5
-
Size
1.0MB
-
MD5
a737a998ceeaf29e58d3ef21d274af76
-
SHA1
f06d99ed7f79df0351136e1a4b35c67c104407ff
-
SHA256
d0c7cdc3d14cff42eeef5a0b7b7947929c338a4be148099886f58d7052f5d7a5
-
SHA512
8138c420740f4ab4906868eb70af9b0b1705af50e8b7cdc98d688cbabac8657f3496e3a18cdacb206abbed992473ccf8e00ba76cb97a7a579f0780bb76617d95
-
SSDEEP
24576:wydJ8j9l9V8Jg0PcSZALJluvmZrd5gs0kHrkenj8PT/g:3dJ+5V8JgIALJqmZrd5t0Uoenjw
Score10/10-
Detects Healer an antivirus disabler dropper
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1