General

  • Target

    e3e46af722c5be2b3bbcaa92c9d46a451b132dcc50e4f7be754b063017526211

  • Size

    566KB

  • Sample

    241104-q192lazhlf

  • MD5

    1af28c65d1ba53096934d2862056f660

  • SHA1

    42b6a69f60d6e8c662a5578cc5f8b491171f1556

  • SHA256

    e3e46af722c5be2b3bbcaa92c9d46a451b132dcc50e4f7be754b063017526211

  • SHA512

    199bacbd2c976826c6f21ea82ca6f5c63d6a3afc7eeb3c779123cdcbfc39db67fc9ce5f783a7ab4c15c7426a41de20b8a7f3f8e431139255fc91365d964d0ca0

  • SSDEEP

    6144:Hqp0yN90QELOpixMvMrwTos3M5H18ay5umv5DId8d1cCNd/MTdszfXIbZiXdu4Aw:ry90gGMEns61uF5rdnSJszSZik8Y2

Malware Config

Targets

    • Target

      e3e46af722c5be2b3bbcaa92c9d46a451b132dcc50e4f7be754b063017526211

    • Size

      566KB

    • MD5

      1af28c65d1ba53096934d2862056f660

    • SHA1

      42b6a69f60d6e8c662a5578cc5f8b491171f1556

    • SHA256

      e3e46af722c5be2b3bbcaa92c9d46a451b132dcc50e4f7be754b063017526211

    • SHA512

      199bacbd2c976826c6f21ea82ca6f5c63d6a3afc7eeb3c779123cdcbfc39db67fc9ce5f783a7ab4c15c7426a41de20b8a7f3f8e431139255fc91365d964d0ca0

    • SSDEEP

      6144:Hqp0yN90QELOpixMvMrwTos3M5H18ay5umv5DId8d1cCNd/MTdszfXIbZiXdu4Aw:ry90gGMEns61uF5rdnSJszSZik8Y2

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.