General

  • Target

    701f2237582c8e728654825bb30c6889310fd7b441b6f66d4c0382dad4c4b662N.exe

  • Size

    707KB

  • Sample

    241126-s7f37stpcj

  • MD5

    fa4b4604af6c354a349843f6bb7ed3c0

  • SHA1

    0701f0f7f7308a4e6f45224f58b0c1b28f6e09d8

  • SHA256

    701f2237582c8e728654825bb30c6889310fd7b441b6f66d4c0382dad4c4b662

  • SHA512

    12400bda97fddb21b944f1c313dcd1d596e77aa9f19c8e678e5458d6293ee8d5751972b84aef35ff0963934aaf6fc9de1ba013369dd084b0c5ab0aa2604be8c0

  • SSDEEP

    12288:1y90yu04J+VDNlpvzB2wTaYXXbHW8I5K/SpQbYXbGWPFk:1yGJ+LB7a8Xb/SXbG2Fk

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks