General

  • Target: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4eeN.exe
  • Size: 412KB
  • Sample: 241119-dqtkmszalh
  • MD5: 024e4673fd2f0563a36dd7170bf97ef0
  • SHA1: 7d13fb044cb28658456fe302931516f3aec35f94
  • SHA256: 5be018a568efd5e6d3f20c5cd43580ee6ba91fa3174b50cfb8e5d30e8977e4ee
  • SHA512: 10c93d0a1170a0ea746a54f1a89d4b51b198790cb8d439be8b485821950f8be66bd4661391b7032b4362256503106ebdd51847f5c5566c9b716b711cb27e068b
  • SSDEEP: 12288:iy9074/yiYfTU+PfrF9miHZvsyIiNtLDbTPKZH:iy7/+fTnfB9mi5vjD/EH

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks