General
-
Target
eac3f623cb3e86e6e2cf05d7cf8a3375142e47a79ac2445577b5620e35a566eb
-
Size
563KB
-
Sample
241111-b32exasqfn
-
MD5
a4a0bf7b92b81d24b47cfb15921607cc
-
SHA1
82ccbc14a706e6d997c71a573187bba7598da57c
-
SHA256
eac3f623cb3e86e6e2cf05d7cf8a3375142e47a79ac2445577b5620e35a566eb
-
SHA512
f391fe4195151f78d6bbc3b04ac734b1509c6d9dcf16431e105c15ebf7f1e1bb9af251524f7437295e568cb98769ca09992db7be1bbbff7c4ad2737ed3c62166
-
SSDEEP
12288:By90AJVxBo4dr31FBlqeLIIWjL+uXMOzbOIDjXjeOBuWJhza6:ByFL3r3jBfIIW3+UbjXjeOBdPv
Static task
static1
Behavioral task
behavioral1
Sample
eac3f623cb3e86e6e2cf05d7cf8a3375142e47a79ac2445577b5620e35a566eb.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
eac3f623cb3e86e6e2cf05d7cf8a3375142e47a79ac2445577b5620e35a566eb
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1