Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

g7306605.exe

windows7-x64

10

g7306605.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    g7306605.exe

  • Size

    213KB

  • Sample

    231013-18vxradb3z

  • MD5

    ba2e40d2cf49ce7901cc39e793ed4109

  • SHA1

    0e1814555f7b66886d9bce7a2497c65395e3663c

  • SHA256

    9d47a47a910ce3505288372749c21ba14978721946403aba4df7cff52aceb9c4

  • SHA512

    3f863210fba8af719c52cc69460feb652be6c0abf9ea727e940e637a61cf458b532e5c630ea6d8027984dd7f31875b59ebf1375727e27efc28b837a9ba98bf63

  • SSDEEP

    6144:OQQiKL/yfYb5B+BO99c0s0ZVtAOCgvE9:JQ//yfYb5BIQZVtQn9

Score
10/10
healerdropperevasiontrojan

Malware Config

Targets

    • Target

      g7306605.exe

    • Size

      213KB

    • MD5

      ba2e40d2cf49ce7901cc39e793ed4109

    • SHA1

      0e1814555f7b66886d9bce7a2497c65395e3663c

    • SHA256

      9d47a47a910ce3505288372749c21ba14978721946403aba4df7cff52aceb9c4

    • SHA512

      3f863210fba8af719c52cc69460feb652be6c0abf9ea727e940e637a61cf458b532e5c630ea6d8027984dd7f31875b59ebf1375727e27efc28b837a9ba98bf63

    • SSDEEP

      6144:OQQiKL/yfYb5B+BO99c0s0ZVtAOCgvE9:JQ//yfYb5BIQZVtQn9

    Score
    10/10
    healerdropperevasiontrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks