Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70
-
Size
1.5MB
-
Sample
241111-bva8raspak
-
MD5
34b6dd411e5243d69effcf36337df531
-
SHA1
a9c178a38835eb959fc5dcdceb9e5c067ac57f8a
-
SHA256
8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70
-
SHA512
e32a08e90879add60db728b5f5578618c7087f7a6b7f24dab4b6616be347a579bb8d08013e69aefaea168f72eeff6eeed81893f6f0163a9d430aceecf8222d63
-
SSDEEP
49152:wj+vEreRoZrq4dAGLOtlZkzuapRLl4YKEv1Cg7:2CEreEAGLOfapR54
Malware Config
Targets
-
-
Target
8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70
-
Size
1.5MB
-
MD5
34b6dd411e5243d69effcf36337df531
-
SHA1
a9c178a38835eb959fc5dcdceb9e5c067ac57f8a
-
SHA256
8fbf824afd7fc568bb9d07814d44416b54189cffe1519b8458b8aeefaacdff70
-
SHA512
e32a08e90879add60db728b5f5578618c7087f7a6b7f24dab4b6616be347a579bb8d08013e69aefaea168f72eeff6eeed81893f6f0163a9d430aceecf8222d63
-
SSDEEP
49152:wj+vEreRoZrq4dAGLOtlZkzuapRLl4YKEv1Cg7:2CEreEAGLOfapR54
Score10/10-
Detects Healer an antivirus disabler dropper
-
Healer
Healer an antivirus disabler dropper.
-
Healer family
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1