General

  • Target: b20d8f8d0986ed9e0234ddf2714b704f.exe
  • Size: 529KB
  • Sample: 230707-mwnq1she31
  • MD5: b20d8f8d0986ed9e0234ddf2714b704f
  • SHA1: a10d378232e1122cd33508b60fca47f4034048cd
  • SHA256: 8c09092cba3a544a3ba407b5de2c7436523ba6dc5ca96fece657ab65480da2d8
  • SHA512: 3e62b5d768c796c05b33ae49ccc566df5c3213df0d2cc487a27874bf72c71a758f8a99887488711e364eb4bfc08a186502ef3a8e4df326ab570795c2d9d5a6c7
  • SSDEEP: 12288:z1ZVfvcaRdnQgmKn9cCpNQIbG3uIWKZZUwdBiMm0UfWA:z1ZRvc82gmKnzwIHIpZXdPyfx

Malware Config

Extracted

  • Family: redline
  • Botnet: furod
  • C2: 77.91.68.70:19073
  • Attributes
    • auth_value: d2386245fe11799b28b4521492a5879d

Targets

    • Target: b20d8f8d0986ed9e0234ddf2714b704f.exe
    • Size: 529KB
    • MD5: b20d8f8d0986ed9e0234ddf2714b704f
    • SHA1: a10d378232e1122cd33508b60fca47f4034048cd
    • SHA256: 8c09092cba3a544a3ba407b5de2c7436523ba6dc5ca96fece657ab65480da2d8
    • SHA512: 3e62b5d768c796c05b33ae49ccc566df5c3213df0d2cc487a27874bf72c71a758f8a99887488711e364eb4bfc08a186502ef3a8e4df326ab570795c2d9d5a6c7
    • SSDEEP: 12288:z1ZVfvcaRdnQgmKn9cCpNQIbG3uIWKZZUwdBiMm0UfWA:z1ZRvc82gmKnzwIHIpZXdPyfx

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks
