General

  • Target

    fa60b38bd6bb045ce86b17f8f41b80822f985b6b6c6f35b2ef1a8b3e762f551f

  • Size

    747KB

  • Sample

    241104-rq4mha1gkm

  • MD5

    aee91897c7d89e27d63be49ebc22d243

  • SHA1

    b897900aa87ddc3e404653cac8c5fcc6da1bc85b

  • SHA256

    fa60b38bd6bb045ce86b17f8f41b80822f985b6b6c6f35b2ef1a8b3e762f551f

  • SHA512

    6ba85f6fd602edc92b3c33530a26eb944a9a741694bd11fca990aad9e6f713c7b3686a0071186faf9f1f8f51bd0976d3028c6a60ad88a20dbec1ab57da8984a5

  • SSDEEP

    12288:by90CMISGkjcEHhHaFjLb5UdpxioWB5TYmQJgy5rRrta:by1MI/EHhHeLbSd3dAEmAgurRrta

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
