General
Target: 766c25a23ed3e7527bc8c69526af4c55b9125538b20c6c6e034333c7fc505c13
Size: 376KB
Sample: 241104-qssgkszkft
MD5: 1f8be4219e07c30eb93f9c40a785d33a
SHA1: e14199dcbbbd746ec3b4a1bb57157ca392e47a1b
SHA256: 766c25a23ed3e7527bc8c69526af4c55b9125538b20c6c6e034333c7fc505c13
SHA512: 687e85b06258540a925c14210e92f9d090b1d20cfef7616a1c3efd2cf4eae3a2cbe87d5beca8ef94e5d65ab0fa9482628dda25e7281d252b78df4db5bf55ca08
SSDEEP: 6144:Kfy+bnr+lp0yN90QEqjAnObhx5eUJkLvD5NESb6Y09e5MJRkyMv4Tn:xMrly90uAnox3kL75SSbx0k5MJRkF4b
Static task: static1
Behavioral task: behavioral1
Sample: 766c25a23ed3e7527bc8c69526af4c55b9125538b20c6c6e034333c7fc505c13.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 766c25a23ed3e7527bc8c69526af4c55b9125538b20c6c6e034333c7fc505c13
Size: 376KB
MD5: 1f8be4219e07c30eb93f9c40a785d33a
SHA1: e14199dcbbbd746ec3b4a1bb57157ca392e47a1b
SHA256: 766c25a23ed3e7527bc8c69526af4c55b9125538b20c6c6e034333c7fc505c13
SHA512: 687e85b06258540a925c14210e92f9d090b1d20cfef7616a1c3efd2cf4eae3a2cbe87d5beca8ef94e5d65ab0fa9482628dda25e7281d252b78df4db5bf55ca08
SSDEEP: 6144:Kfy+bnr+lp0yN90QEqjAnObhx5eUJkLvD5NESb6Y09e5MJRkyMv4Tn:xMrly90uAnox3kL75SSbx0k5MJRkF4b
Signatures:
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence:
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)