General

Target: e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7
Size: 376KB
Sample: 241111-chzw1szenl
MD5: 51b68f1d173023e472c3c28aa3059916
SHA1: c6d369a540d5030b00bf542db77710a94c945821
SHA256: e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7
SHA512: 0ffce4a35fc0e5fcc0d17be7534bd27481cbae337b73ef7ea9e4c1a3bdcdc2f4b42b9a5be03e83f90728411a569f6f7ebb789e231ea3d954524cf1a07761d626
SSDEEP: 6144:Kmy+bnr+fp0yN90QEkxsNjaUwDkvSl9Q/Q9pzIzrHNn/8QnqhQQlsJm:2MrTy90WstaXDkvE9Qmp0zjeQnq/
Static task: static1
Behavioral task: behavioral1
Sample: e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7.exe
Resource: win10v2004-20241007-en
Malware Config
Targets

Target: e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7 (376KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
Signatures

Detects Healer, an antivirus disabler dropper
Healer family
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15

Tactic       Technique                                   Sub-technique                                   Matching signatures
Persistence  Boot or Logon Autostart Execution (T1547)   Registry Run Keys / Startup Folder (T1547.001)  1
Persistence  Create or Modify System Process (T1543)     Windows Service (T1543.003)                     1
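Both persistence techniques in the ATT&CK table above, a Run key and a service ImagePath, leave their trace in the registry, so a response analyst's first check on a suspected host is usually a registry export of those locations. The Python below is an added example written for this page; it is not part of the Triage report and is not derived from anything this sample actually wrote. It parses the text produced by `reg export` (including the wrapped `hex(2):` REG_EXPAND_SZ encoding that service ImagePath values use) and flags autostart entries whose executable lives in a user-writable directory, the pattern that "Executes dropped EXE" plus "Adds Run key to start application" leaves behind. The registry export, entry names and paths are constructed for illustration, and the list of user-writable directories is a heuristic assumption, not a Triage rule.

```python
import re

# Constructed example of a `reg export` of the HKCU Run key and two service keys.
# Entry names and paths are made up for illustration; they are NOT the values
# written by the sample analysed on this page.
SAMPLE_REG_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"updater"="C:\\Users\\user\\AppData\\Local\\Temp\\svchost.exe"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler]
"Start"=dword:00000002
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,\
  5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,70,00,6f,00,6f,00,\
  6c,00,73,00,76,00,2e,00,65,00,78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UpdSvc]
"Start"=dword:00000002
"ImagePath"=hex(2):43,00,3a,00,5c,00,55,00,73,00,65,00,72,00,73,00,5c,00,50,00,75,00,62,00,\
  6c,00,69,00,63,00,5c,00,73,00,76,00,63,00,2e,00,65,00,78,00,65,00,00,00
"""

# Autostart locations mapped on this page: Run/RunOnce keys and service ImagePath.
RUN_KEY_SUFFIXES = ("\\microsoft\\windows\\currentversion\\run",
                    "\\microsoft\\windows\\currentversion\\runonce")
SERVICES_PREFIX = "hkey_local_machine\\system\\currentcontrolset\\services\\"

# Heuristic (assumption): installed software autostarts from Program Files or
# System32; a dropped EXE almost always lives somewhere the user can write to.
USER_WRITABLE_DIRS = ("\\appdata\\", "\\temp\\", "\\users\\public\\",
                      "\\programdata\\", "\\downloads\\")

_VALUE_LINE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')


def _join_continuations(text):
    """Re-join hex values that `reg export` wraps across lines with a trailing `,\\`."""
    lines, pending = [], ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith(",\\"):
            pending = line[:-1]        # drop the backslash, keep the comma
            continue
        lines.append(line)
    if pending:
        lines.append(pending)
    return lines


def _decode_value(raw):
    """Decode REG_SZ ("...") or REG_EXPAND_SZ (hex(2):...) data; None for other types."""
    if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
        return re.sub(r"\\(.)", r"\1", raw[1:-1])            # \\ -> \ and \" -> "
    if raw.lower().startswith("hex(2):"):
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b)
        return data.decode("utf-16-le").split("\x00", 1)[0]  # cut at NUL terminator
    return None


def parse_reg_export(text):
    """Yield (key, value_name, string) for every string-typed value in a .reg export."""
    key = None
    for line in _join_continuations(text):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        match = _VALUE_LINE.match(line) if key else None
        if match:
            value = _decode_value(match.group(2))
            if value is not None:
                yield key, match.group(1) or "(Default)", value


def _executable(command):
    """Pull the program path out of a command line: quoted path, else first token."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    return command.split(" ", 1)[0]


def find_suspicious_autostarts(reg_text):
    """Return (key, value_name, exe) for Run entries and service ImagePaths in user-writable dirs."""
    findings = []
    for key, name, value in parse_reg_export(reg_text):
        k = key.lower()
        is_run_entry = k.endswith(RUN_KEY_SUFFIXES)
        is_service_image = k.startswith(SERVICES_PREFIX) and name.lower() == "imagepath"
        if not (is_run_entry or is_service_image):
            continue
        exe = _executable(value)
        if any(d in exe.lower() for d in USER_WRITABLE_DIRS):
            findings.append((key, name, exe))
    return findings


if __name__ == "__main__":
    for key, name, exe in find_suspicious_autostarts(SAMPLE_REG_EXPORT):
        print(f"[!] {key}\\{name} -> {exe}")
```

On a live host the input would come from `reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" run.reg` and `reg export HKLM\SYSTEM\CurrentControlSet\Services services.reg` (note that `reg export` writes UTF-16 with a BOM, so open the file with `encoding="utf-16"`). The path heuristic is deliberately coarse: it will miss a dropper that copies itself under Program Files and will flag legitimate per-user installers that autostart from AppData, so treat a hit as a lead to pivot on (hash the file, check its signature, compare against the hashes above), not as a verdict.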