General
Target: abb058cbee27b24a9e51c03ee4f66da2de85ccf69a93197f4dfd0f483d1aed6a
Size: 690KB
Sample: 241104-q9acbszmhy
MD5: 0a674110846b351a2d31927f43b596fe
SHA1: 0ef1a06fdc80972fcbb71525afda3870a6f7a6a3
SHA256: abb058cbee27b24a9e51c03ee4f66da2de85ccf69a93197f4dfd0f483d1aed6a
SHA512: 2e4a4e27a6bd1e71166bf4d98928790de8f41b196685a9b52f5b603ef58b215d755b18ba883b90d0270a61afb2c27e9479a10675e59be952ad56667cc3ae643c
SSDEEP: 12288:qy90Z95/TKTtg6/7jH3IFBqB7ShtS4gnWO2VBrHlRCieb+f6a:qy45/ET/HHQQBx46Z2RsiM+fz
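To check whether a file on hand is this sample, compute the listed digests and compare them with the indicators above. The following is an added example, not part of the sandbox report: REPORT_IOCS is copied from the General section, the file-path handling is the only assumption, and SSDEEP is left out because the standard library cannot compute it (that needs the ssdeep library).

```python
"""Compare a candidate file's digests with the indicators from this report.

Added example, not part of the sandbox report. Uses only the standard
library, so SSDEEP is not computed (that needs the ssdeep library).
"""
import hashlib
import sys

# Indicator values copied from the report's General section.
REPORT_IOCS = {
    "md5": "0a674110846b351a2d31927f43b596fe",
    "sha1": "0ef1a06fdc80972fcbb71525afda3870a6f7a6a3",
    "sha256": "abb058cbee27b24a9e51c03ee4f66da2de85ccf69a93197f4dfd0f483d1aed6a",
    "sha512": "2e4a4e27a6bd1e71166bf4d98928790de8f41b196685a9b52f5b603ef58b215d"
              "755b18ba883b90d0270a61afb2c27e9479a10675e59be952ad56667cc3ae643c",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hashes_of(data: bytes) -> dict:
    """Lowercase hex digests of an in-memory buffer, one per algorithm."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file once through all four digests (no full read into memory)."""
    digests = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for digest in digests.values():
                digest.update(chunk)
    return {alg: digest.hexdigest() for alg, digest in digests.items()}


def matching_algorithms(observed: dict, iocs: dict) -> list:
    """Algorithms whose observed digest equals the indicator.

    Comparison is case-insensitive because feeds publish hex in either case.
    One match identifies the sample; a partial match (e.g. MD5 agrees but
    SHA256 does not) points at a transcription error in the indicator list.
    """
    return [
        alg for alg in ALGORITHMS
        if alg in observed and alg in iocs
        and observed[alg].lower() == iocs[alg].lower()
    ]


if __name__ == "__main__":
    # Usage: python check_sample.py <file> [<file> ...]  (paths are the caller's own)
    for candidate in sys.argv[1:]:
        hits = matching_algorithms(hash_file(candidate), REPORT_IOCS)
        verdict = "MATCH (%s)" % ", ".join(hits) if hits else "no match"
        print(f"{candidate}: {verdict}")
```

Hashing the file once through all four digests keeps a single read for large samples; a result where only some algorithms match is worth a second look at the indicator list rather than the file.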
Static task: static1
Behavioral task: behavioral1
  Sample: abb058cbee27b24a9e51c03ee4f66da2de85ccf69a93197f4dfd0f483d1aed6a.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: abb058cbee27b24a9e51c03ee4f66da2de85ccf69a93197f4dfd0f483d1aed6a
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547)          1
    Registry Run Keys / Startup Folder (T1547.001)   1
  Create or Modify System Process (T1543)            1
    Windows Service (T1543.003)                      1
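Both persistence sub-techniques in the table show up on an endpoint as registry value writes, which makes them straightforward to pick out of Sysmon RegistryEvent (Event ID 13) telemetry. The following classifier is an added example, not part of the report or any vendor's rule set: the field names follow Sysmon's RegistryEvent schema, and the events, SID, service name and file paths are constructed for illustration.

```python
"""Classify registry value-set events into the two persistence sub-techniques
listed in this report's ATT&CK table.

Added example, not part of the sandbox report. Field names follow Sysmon's
RegistryEvent (Event ID 13) schema; the events, SID and file paths below are
constructed for illustration.
"""
import re
from collections import Counter

# T1547.001: a value written under a per-user or machine-wide Run/RunOnce key
# (Wow6432Node covers 32-bit processes writing the redirected key).
RUN_KEY_RE = re.compile(
    r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
    r"(Run|RunOnce)\\[^\\]+$",
    re.IGNORECASE,
)
# T1543.003: a service's binary path or start type being set.
SERVICE_RE = re.compile(
    r"\\System\\(CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\"
    r"(ImagePath|Start)$",
    re.IGNORECASE,
)

TECHNIQUE_NAMES = {
    "T1547.001": "Registry Run Keys / Startup Folder",
    "T1543.003": "Windows Service",
}


def classify(event: dict):
    """Return the ATT&CK sub-technique ID for a registry event, or None."""
    if event.get("EventID") != 13:  # only value-set events carry the key path we need
        return None
    target = event.get("TargetObject", "")
    if RUN_KEY_RE.search(target):
        return "T1547.001"
    if SERVICE_RE.search(target):
        return "T1543.003"
    return None


def technique_counts(events) -> Counter:
    """Count matched events per sub-technique, mirroring the report's table."""
    return Counter(t for t in map(classify, events) if t is not None)


# Constructed events (not real telemetry). The SID, service name and paths are invented.
SAMPLE_EVENTS = [
    {   # Run key pointing at a dropped executable: T1547.001
        "EventID": 13,
        "Image": r"C:\Users\user\AppData\Local\Temp\dropper.exe",
        "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
                        r"\Windows\CurrentVersion\Run\Updater",
        "Details": r"C:\Users\user\AppData\Local\Temp\svc.exe",
    },
    {   # Service binary path being set: T1543.003
        "EventID": 13,
        "Image": r"C:\Windows\System32\services.exe",
        "TargetObject": r"HKLM\System\CurrentControlSet\Services\UpdSvc\ImagePath",
        "Details": r"C:\Users\user\AppData\Local\Temp\svc.exe",
    },
    {   # Benign Explorer preference write: no match
        "EventID": 13,
        "Image": r"C:\Windows\explorer.exe",
        "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
                        r"\Windows\CurrentVersion\Explorer\Advanced\Hidden",
        "Details": "DWORD (0x00000001)",
    },
    {   # Process-creation event: wrong event type, ignored
        "EventID": 1,
        "Image": r"C:\Users\user\AppData\Local\Temp\svc.exe",
    },
]

if __name__ == "__main__":
    for event in SAMPLE_EVENTS:
        tid = classify(event)
        label = f"{tid} {TECHNIQUE_NAMES[tid]}" if tid else "-"
        print(f"{event['EventID']:>2}  {label:45}  {event.get('TargetObject', '')}")
    print(dict(technique_counts(SAMPLE_EVENTS)))
```

Anchoring both patterns on the tail of TargetObject keeps them independent of whether the hive is written as HKU\<SID> or HKLM, and the Details field (the value data) is what you pivot on afterwards to find the dropped binary.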