General
-
Target
47299c62ed5cce2f562817d29ab22e1850a2a24c433be17b5229efdc2c501fc2
-
Size
706KB
-
Sample
241104-qsx23asram
-
MD5
f8071c1c97e3b70a869a0e83d1445a56
-
SHA1
d11f9f3450730e823cb78f1a8879ea80f97acf73
-
SHA256
47299c62ed5cce2f562817d29ab22e1850a2a24c433be17b5229efdc2c501fc2
-
SHA512
9c3235892153fb3031979ecd318d7c43691c107b66638b28b8e93651d581726f17e531bab84f2bbfafa23d185f91c95f25f3766a814e5d19b502c8891458f84f
-
SSDEEP
12288:xy90ajqQtgvXhp1QT7jUAn+9vwWX+Uc3j6rTKotdrOJY8c0SPZ+O1FKM7u:xyhm90hec3fCrOTc5PFY
Static task
static1
Behavioral task
behavioral1
Sample
47299c62ed5cce2f562817d29ab22e1850a2a24c433be17b5229efdc2c501fc2.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
47299c62ed5cce2f562817d29ab22e1850a2a24c433be17b5229efdc2c501fc2
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is an information-stealing malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
-
Boot or Logon Autostart Execution (T1547): 1
Registry Run Keys / Startup Folder (T1547.001): 1
-
Create or Modify System Process (T1543): 1
Windows Service (T1543.003): 1
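A detection-side counterpart to the signatures and the ATT&CK mapping above, added here as an example and not part of the sandbox report: a Python function that scans Sysmon-style event records for the three behaviours the report lists, a dropped executable being launched, a Run-key value being written (T1547.001) and a Windows service being installed (T1543.003), and returns which of them fired together with the evidence. The event records are constructed sample data, not telemetry from this sample; the field names follow Sysmon's ProcessCreate (1), FileCreate (11) and RegistryEvent (13) events and the System-log service-install event 7045, and the registry patterns and labels are this example's own.

```python
"""Persistence detection over Sysmon-style events (added example)."""
import re

# Registry locations the report's ATT&CK mapping points at. Matching on the
# key suffix catches HKLM, HKCU and HKU\<SID> variants alike.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$",
    re.IGNORECASE,
)
SERVICE_IMAGE_RE = re.compile(
    r"\\SYSTEM\\CurrentControlSet\\Services\\[^\\]+\\ImagePath$",
    re.IGNORECASE,
)

# Labels reuse the report's signature name and its ATT&CK sub-technique names.
DROPPED_EXE = "Executes dropped EXE"
RUN_KEY = "T1547.001 Registry Run Keys / Startup Folder"
SERVICE = "T1543.003 Windows Service"


def find_persistence(events):
    """Return {label: [evidence, ...]} for the behaviours seen in `events`.

    `events` is an iterable of dicts with an integer "EventID" and the Sysmon
    (1, 11, 13) or System-log (7045) fields used below. A process counts as a
    dropped EXE only if an earlier FileCreate wrote its image path, which is
    what the sandbox signature of the same name expresses.
    """
    findings = {}
    dropped = set()  # lower-cased paths of .exe files written during the run
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:  # Sysmon FileCreate
            path = ev["TargetFilename"]
            if path.lower().endswith(".exe"):
                dropped.add(path.lower())
        elif eid == 1:  # Sysmon ProcessCreate
            if ev["Image"].lower() in dropped:
                findings.setdefault(DROPPED_EXE, []).append(ev["Image"])
        elif eid == 13:  # Sysmon RegistryEvent (value set)
            target = ev["TargetObject"]
            evidence = f"{target} = {ev.get('Details', '')}"
            if RUN_KEY_RE.search(target):
                findings.setdefault(RUN_KEY, []).append(evidence)
            elif SERVICE_IMAGE_RE.search(target):
                findings.setdefault(SERVICE, []).append(evidence)
        elif eid == 7045:  # Service Control Manager: new service installed
            findings.setdefault(SERVICE, []).append(
                f"{ev['ServiceName']} -> {ev['ImagePath']}")
    return findings


# Constructed sample events for this example; not telemetry from the sample.
TEMP_EXE = r"C:\Users\user\AppData\Local\Temp\dropped.exe"
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetFilename": TEMP_EXE},
    {"EventID": 1, "Image": TEMP_EXE,
     "ParentImage": r"C:\Users\user\Desktop\sample.exe"},
    {"EventID": 13, "Image": TEMP_EXE,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Run\updater",
     "Details": TEMP_EXE},
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\SYSTEM\CurrentControlSet\Services\svcupd\ImagePath",
     "Details": r"C:\ProgramData\svcupd.exe"},
    {"EventID": 7045, "ServiceName": "svcupd",
     "ImagePath": r"C:\ProgramData\svcupd.exe"},
    # Benign noise that must not fire: a process with no prior FileCreate and
    # a registry write outside the autostart locations.
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
                     r"\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000002)"},
]


if __name__ == "__main__":
    for label, evidence in find_persistence(SAMPLE_EVENTS).items():
        print(label)
        for item in evidence:
            print("   ", item)
```

The Run-key pattern is anchored on the key suffix so HKLM, HKCU and HKU\<SID> forms, and RunOnce as well as Run, are all caught; the service rule fires both on the ImagePath write and on the 7045 event, so the same service can appear twice and a consumer should de-duplicate by service name. The dropped-EXE rule mirrors the sandbox signature exactly, which means it also fires for legitimate installers and updaters; in production you would exclude known setup directories or signed publishers before alerting.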