General
- Target: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4eeN.exe
- Size: 412KB
- Sample: 241119-dqtkmszalh
- MD5: 024e4673fd2f0563a36dd7170bf97ef0
- SHA1: 7d13fb044cb28658456fe302931516f3aec35f94
- SHA256: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4ee
- SHA512: 10c93d0a1170a0ea746a54f1a89d4b51b198790cb8d439be8b485821950f8be66bd4661391b7032b4362256503106ebdd51847f5c5566c9b716b711cb27e068b
- SSDEEP: 12288:iy9074/yiYfTU+PfrF9miHZvsyIiNtLDbTPKZH:iy7/+fTnfB9mi5vjD/EH
Static task: static1
Behavioral task: behavioral1
- Sample: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4eeN.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4eeN.exe
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)