General
Target: b73ee08514f39450beded961656e8b302b2d40aeaaf92c184a34a9ebc16b6c07
Size: 727KB
Sample: 241104-q7gzdszme1
MD5: 0394aa19ca5e04fa810c13751993626e
SHA1: d09be67003d7cfce522f53ce8441e4fa1e38bb0c
SHA256: b73ee08514f39450beded961656e8b302b2d40aeaaf92c184a34a9ebc16b6c07
SHA512: 45497bc5d90342ed60d6d5100b779fde8b5df5686de270702f9a7b3e79c9ea46a6982956d06fa87b9b69f34f404dff9d7a896a546d35bbed1d196ac6371b8541
SSDEEP: 12288:Ky905yKbhfywfDpgyWAy95w5/5/he2hkcvhP3vUUXZBkPwDaWuiOr63c:KyiF1ywVgyWfs5/5/NScvh/jJowHuHR
Static task: static1
Behavioral task: behavioral1
Sample: b73ee08514f39450beded961656e8b302b2d40aeaaf92c184a34a9ebc16b6c07.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: b73ee08514f39450beded961656e8b302b2d40aeaaf92c184a34a9ebc16b6c07
Size: 727KB
MD5: 0394aa19ca5e04fa810c13751993626e
SHA1: d09be67003d7cfce522f53ce8441e4fa1e38bb0c
SHA256: b73ee08514f39450beded961656e8b302b2d40aeaaf92c184a34a9ebc16b6c07
SHA512: 45497bc5d90342ed60d6d5100b779fde8b5df5686de270702f9a7b3e79c9ea46a6982956d06fa87b9b69f34f404dff9d7a896a546d35bbed1d196ac6371b8541
SSDEEP: 12288:Ky905yKbhfywfDpgyWAy95w5/5/he2hkcvhP3vUUXZBkPwDaWuiOr63c:KyiF1ywVgyWfs5/5/NScvh/jJowHuHR
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)