General
Target: 9ec8e17a9c277973f145c87cfd3a39ddcc1d6dfe7380f65894abcc946382e7fe
Size: 1.5MB
Sample: 241104-138lnaxqaz
MD5: b3eae146cd0930b344f05fd9e075e29c
SHA1: 495225ee86533de6450644de424a80ad501ba782
SHA256: 9ec8e17a9c277973f145c87cfd3a39ddcc1d6dfe7380f65894abcc946382e7fe
SHA512: 67c02804a6a094da97a7cbc165d784d1b7fbf29fedfe69387b3eaf337f8a845f076a8898af052528113d549806f7138c24fcdb9f826872c25c12c147e853197b
SSDEEP: 24576:PygAce1SNWPsn7aY9ckk3OrdkfOddFg2nBsrVwlVTLD9HQMx8fvzR:aghe1RPsn7aY943GdkfOdfbJLZwy8f
Static task: static1
Behavioral task: behavioral1
Sample: 9ec8e17a9c277973f145c87cfd3a39ddcc1d6dfe7380f65894abcc946382e7fe.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)