
General

  • Target

    cd0e2dab778f8e73d6742e5b1ff5a38f4d8c51e11d1afb0168354b031abd7a88

  • Size

    1.2MB

  • Sample

    241111-cgzjvszhnb

  • MD5

    601eb9806906b50344db609b41d434a9

  • SHA1

    00882e81e63a296f8c45b75fe33a37e2d2148048

  • SHA256

    cd0e2dab778f8e73d6742e5b1ff5a38f4d8c51e11d1afb0168354b031abd7a88

  • SHA512

    07ae053bf2f9f64a495d89ebd3512914fc7823974278e8ceee9d3f4145841535bc722d2281e4c82d4fda3875644c4c79ffafe0b966c659f074e41f9505a8b5e4

  • SSDEEP

    24576:r0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:r0zNUYjkCcPoJgK3ss+y4bN

Malware Config

Targets

    • Target

      cd0e2dab778f8e73d6742e5b1ff5a38f4d8c51e11d1afb0168354b031abd7a88

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
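The two behaviours the report flags for this sample, tampering with Windows Defender Real-time Protection settings and Run-key persistence, are the ones a detection engineer would turn into a rule first. The following is an added example and not part of the tria.ge report or of any Healer/RedLine analysis: a small Python triage routine run over constructed Sysmon-style registry-set events (Event ID 13). The Defender policy value names and Run/RunOnce paths it checks are assumed typical locations, not values taken from this report, and the sample events are constructed rather than captured from the sandbox run.

```python
"""Triage registry-set events for Defender RTP tampering and Run-key persistence.

Added example; the events below are constructed, and the Defender value names are
assumed typical policy values, not indicators taken from the sandbox report.
"""
import re
from typing import Dict, List, Tuple

# Keys Defender reads its real-time-protection policy from. The Policies key is
# what Group Policy (and, in practice, AV-disabler droppers) write to.
DEFENDER_RTP_KEYS = {
    r"hklm\software\policies\microsoft\windows defender\real-time protection",
    r"hklm\software\microsoft\windows defender\real-time protection",
}
# Assumed typical "Disable*" DWORD values under those keys; 1 turns the feature off.
DEFENDER_DISABLE_VALUES = {
    "disablerealtimemonitoring",
    "disablebehaviormonitoring",
    "disableioavprotection",
    "disableonaccessprotection",
    "disablescanonrealtimeenable",
}
# Per-machine and per-user Run / RunOnce keys (Sysmon reports HKCU as HKU\<SID>).
RUN_KEY_RE = re.compile(
    r"^(hklm|hkcu|hku\\[^\\]+)\\software\\(wow6432node\\)?"
    r"microsoft\\windows\\currentversion\\run(once)?$"
)
DWORD_RE = re.compile(r"dword\s*\(0x([0-9a-f]{8})\)")
HIVE_ALIASES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU", "HKEY_USERS": "HKU"}


def split_target(target: str) -> Tuple[str, str]:
    """Split 'HIVE\\key\\path\\ValueName' into (key path, value name), lower-cased."""
    for long_name, short_name in HIVE_ALIASES.items():
        if target.upper().startswith(long_name):
            target = short_name + target[len(long_name):]
            break
    key, _, value = target.rpartition("\\")
    return key.lower(), value.lower()


def dword_value(details: str):
    """Parse the Sysmon 'DWORD (0x........)' detail string; None if not a DWORD."""
    m = DWORD_RE.search(details.lower())
    return int(m.group(1), 16) if m else None


def classify(event: Dict[str, str]) -> List[str]:
    """Return the report signature names a single registry-set event matches."""
    hits: List[str] = []
    key, value = split_target(event["target"])
    # Only a Disable* value written as 1 is tampering; writing 0 re-enables the feature.
    if (key in DEFENDER_RTP_KEYS and value in DEFENDER_DISABLE_VALUES
            and dword_value(event.get("details", "")) == 1):
        hits.append("Modifies Windows Defender Real-time Protection settings")
    if RUN_KEY_RE.match(key) and value:
        hits.append("Adds Run key to start application")
    return hits


def triage(events: List[Dict[str, str]]) -> Dict[str, List[Tuple[str, str]]]:
    """Group (image, target) pairs under the signature names they trigger."""
    findings: Dict[str, List[Tuple[str, str]]] = {}
    for ev in events:
        for sig in classify(ev):
            findings.setdefault(sig, []).append((ev["image"], ev["target"]))
    return findings


# Constructed Sysmon Event ID 13 style records (Image, TargetObject, Details).
USER_SID = r"S-1-5-21-1111111111-2222222222-3333333333-1001"
SAMPLE_EVENTS = [
    {"image": r"C:\Users\victim\AppData\Local\Temp\dropper.exe",
     "target": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
     "details": "DWORD (0x00000001)"},
    {"image": r"C:\Users\victim\AppData\Local\Temp\dropper.exe",
     "target": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring",
     "details": "DWORD (0x00000001)"},
    # Same value written back to 0 by a service: must not be flagged.
    {"image": r"C:\Windows\System32\svchost.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
     "details": "DWORD (0x00000000)"},
    {"image": r"C:\Users\victim\AppData\Roaming\payload.exe",
     "target": r"HKU\%s\Software\Microsoft\Windows\CurrentVersion\Run\Updater" % USER_SID,
     "details": r"C:\Users\victim\AppData\Roaming\updater.exe"},
    # Unrelated per-user Explorer setting: must not be flagged.
    {"image": r"C:\Windows\explorer.exe",
     "target": r"HKU\%s\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden" % USER_SID,
     "details": "DWORD (0x00000002)"},
]

if __name__ == "__main__":
    for sig, where in triage(SAMPLE_EVENTS).items():
        print(sig)
        for image, target in where:
            print("   ", image, "->", target)
```

The routine deliberately keys on the written value, not just the key path: a Defender value set back to 0 is a remediation, not an evasion, and flagging it would drown the real hit from the dropper.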

MITRE ATT&CK Enterprise v15

Tasks