General

  • Target

    ba323927e4a820447a6c891a5d4042db56e6d2930ff38ab47f51e67485f3d6de

  • Size

    1.0MB

  • Sample

    241104-rp9gcs1crb

  • MD5

    f2864fc71cf00e439d98f0dd1129c087

  • SHA1

    4125c47048692a57e3006b80b50cfcd342d5a4a0

  • SHA256

    ba323927e4a820447a6c891a5d4042db56e6d2930ff38ab47f51e67485f3d6de

  • SHA512

    0477f97570ec94a119563643ceb618289807df5b9500549ab515bbcb5e1cfa0846df090ca3950321cb8b585668794100c99adfc5efb655a06143675860b63fcb

  • SSDEEP

    24576:Vyx/YERNx4EOgHtoHgJ3tRdKV5VFfQdXVP:wPPxLOgNqm+VF4dX

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
