General

  • Target

    2188-127-0x00000000025C0000-0x0000000002600000-memory.dmp

  • Size

    256KB

  • MD5

    8b1c3463d86dd042611b577698913226

  • SHA1

    e0ec3df1eb692c6ef9a75ff01c877a496553b813

  • SHA256

    933e4874c64fd0a007b0e0a95aeac015a0b1c781c489c9bf1f81728e64a19fec

  • SHA512

    ad85815496a95731032b1e9fc3b0d48eda02e760790f12c0e0772ca941f10edf94a6d67496140313ecbc6b08ab3e2234be11b5cf099aeb94e209f66002a1b943

  • SSDEEP

    3072:izyFlJDGx0HqSYxNXUfMim4G348e8hEkxIEI43gup3:R1s0HZ8em4G34BEI4QS

Score
10/10

Malware Config

Signatures

  • Detects Healer, an antivirus disabler dropper 1 IoCs
  • Healer family
  • RedLine payload 1 IoCs
  • Redline family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2188-127-0x00000000025C0000-0x0000000002600000-memory.dmp
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

