General
Target: 2ddbd926a5d164048a9093f27b80e6e877db06d15b933dfe3bf626324ec45d0e
Size: 694KB
Sample: 241104-13xjdsycjf
MD5: 066c43ada8a406ebd400873bf90263bf
SHA1: 221307dd31834dc377f546b88e37ae2a13837fa5
SHA256: 2ddbd926a5d164048a9093f27b80e6e877db06d15b933dfe3bf626324ec45d0e
SHA512: 97b1ed6d475fd2267bf69eb8033b28456cd20d8559f22f68001990adf67fa8589abbbe45a847398bc5dbf57c7a0fe31423362ad7b01d40dc744352e895ffde63
SSDEEP: 12288:wy908s/6YTO+uQSXx3VeBbZ1UdONd1QZ23H3XUc5vleu2KT8ZnGew:wyw/ZO+uQW3VeP6dAjH3XUAWKYZnLw
Static task: static1
Behavioral task: behavioral1
Sample: 2ddbd926a5d164048a9093f27b80e6e877db06d15b933dfe3bf626324ec45d0e.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2ddbd926a5d164048a9093f27b80e6e877db06d15b933dfe3bf626324ec45d0e
Size: 694KB
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)