General
Target: 8ffc62788be9c8cdc341de6cec6f4f8d3caf83566750cea14bb824f81a57604a
Size: 644KB
Sample: 241111-bqds3syhkj
MD5: 99d5065ca365c8d2122b592d0ed58bf2
SHA1: f5663bf31410c4731a1ba3519f08455c117b86d1
SHA256: 8ffc62788be9c8cdc341de6cec6f4f8d3caf83566750cea14bb824f81a57604a
SHA512: c8d45d791a50de62d7b2c1ca50d31ab81671e0bb28c5fdbc52c54f3e8ebe2cacd5bce800290b569a41cc607e62b0234cbf0ef12afe71ecd70355661f5c154ce7
SSDEEP: 12288:0y90bAGyw8xEYBRGhm7RDbFRFXWWQ7ZRvul4x0iS+e760RCL+Xf:0y0yBwQVtmWQ9vuee760RCyXf
Static task: static1
Behavioral task: behavioral1
Sample: 8ffc62788be9c8cdc341de6cec6f4f8d3caf83566750cea14bb824f81a57604a.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)