General
-
Target
752bad7f9db3a50f6c30ea93a07a7f15db83058f05c3dc6444ee55c7547edbe8
-
Size
563KB
-
Sample
241029-pvhjqatrdy
-
MD5
17e9e251e5acbbd36f8aabce1727175e
-
SHA1
eea502431fbd081875d3e19f6d9123fd443bbe79
-
SHA256
752bad7f9db3a50f6c30ea93a07a7f15db83058f05c3dc6444ee55c7547edbe8
-
SHA512
78eb60d13c4a577d9c3741f63d47a67ceb123c419059f1d3f55a452244947a5b459b3f012c7ec66c8d6561f6a1301ac4d2983976ecc7a06ab94991e07d238d1d
-
SSDEEP
12288:oy90bdAYkJxYO2KWRZI8Uzf0PjunMnUr8nGg6x/:oyKdLkfYOvWPAsPj6MUuQx/
Static task
static1
Behavioral task
behavioral1
Sample
752bad7f9db3a50f6c30ea93a07a7f15db83058f05c3dc6444ee55c7547edbe8.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
752bad7f9db3a50f6c30ea93a07a7f15db83058f05c3dc6444ee55c7547edbe8
-
Size
563KB
-
MD5
17e9e251e5acbbd36f8aabce1727175e
-
SHA1
eea502431fbd081875d3e19f6d9123fd443bbe79
-
SHA256
752bad7f9db3a50f6c30ea93a07a7f15db83058f05c3dc6444ee55c7547edbe8
-
SHA512
78eb60d13c4a577d9c3741f63d47a67ceb123c419059f1d3f55a452244947a5b459b3f012c7ec66c8d6561f6a1301ac4d2983976ecc7a06ab94991e07d238d1d
-
SSDEEP
12288:oy90bdAYkJxYO2KWRZI8Uzf0PjunMnUr8nGg6x/:oyKdLkfYOvWPAsPj6MUuQx/
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1