General

  • Target

    8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70

  • Size

    1.5MB

  • Sample

    241111-bva8raspak

  • MD5

    34b6dd411e5243d69effcf36337df531

  • SHA1

    a9c178a38835eb959fc5dcdceb9e5c067ac57f8a

  • SHA256

    8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70

  • SHA512

    e32a08e90879add60db728b5f5578618c7087f7a6b7f24dab4b6616be347a579bb8d08013e69aefaea168f72eeff6eeed81893f6f0163a9d430aceecf8222d63

  • SSDEEP

    49152:wj+vEreRoZrq4dAGLOtlZkzuapRLl4YKEv1Cg7:2CEreEAGLOfapR54

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks