General
Target: 221ae1efb162d5732b033fe120c073cc402dba98d4a543b67a2d59c436731542
Size: 826KB
Sample: 241104-qrqllasqgr
MD5: fd52e7207b35a4fbee0b3dd00dfa9045
SHA1: 4ac541cee5a2da2d66b4919fa355232dbf0d8ee4
SHA256: 221ae1efb162d5732b033fe120c073cc402dba98d4a543b67a2d59c436731542
SHA512: cff7c3be9eb6b19a600b88d4912b0002cff089c3528e4094f0f05fcb72a1bae71672d92196f0f24c3e7321d69a0985926be6e86cfe55c33c1027c978ae805467
SSDEEP: 12288:Qy90XXMch4rpe8N7qTuoxFuEr0iEeO29v2Jb/IwIvAQlDNN3v8oFy:QyTe8VuDEeVNuODlBN3Vy
Static task: static1
Behavioral task: behavioral1
Sample: 221ae1efb162d5732b033fe120c073cc402dba98d4a543b67a2d59c436731542.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 221ae1efb162d5732b033fe120c073cc402dba98d4a543b67a2d59c436731542
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: 1
  - Registry Run Keys / Startup Folder: 1
- Create or Modify System Process: 1
  - Windows Service: 1