Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7

  • Size

    376KB

  • Sample

    241111-chzw1szenl

  • MD5

    51b68f1d173023e472c3c28aa3059916

  • SHA1

    c6d369a540d5030b00bf542db77710a94c945821

  • SHA256

    e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7

  • SHA512

    0ffce4a35fc0e5fcc0d17be7534bd27481cbae337b73ef7ea9e4c1a3bdcdc2f4b42b9a5be03e83f90728411a569f6f7ebb789e231ea3d954524cf1a07761d626

  • SSDEEP

    6144:Kmy+bnr+fp0yN90QEkxsNjaUwDkvSl9Q/Q9pzIzrHNn/8QnqhQQlsJm:2MrTy90WstaXDkvE9Qmp0zjeQnq/

Malware Config

Targets

    • Target

      e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7

    • Size

      376KB

    • MD5

      51b68f1d173023e472c3c28aa3059916

    • SHA1

      c6d369a540d5030b00bf542db77710a94c945821

    • SHA256

      e021145d0919f437a7bb604632eb3ea3b4dd8c40ca3ab9737ecdab0e8242fcf7

    • SHA512

      0ffce4a35fc0e5fcc0d17be7534bd27481cbae337b73ef7ea9e4c1a3bdcdc2f4b42b9a5be03e83f90728411a569f6f7ebb789e231ea3d954524cf1a07761d626

    • SSDEEP

      6144:Kmy+bnr+fp0yN90QEkxsNjaUwDkvSl9Q/Q9pzIzrHNn/8QnqhQQlsJm:2MrTy90WstaXDkvE9Qmp0zjeQnq/

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks