General
-
Target
36fbc6d1768b7b0c67734a892a23aca07f5964ebc1f3151bd381e4449dc560c1
-
Size
1.1MB
-
Sample
241104-qtgfpssrbk
-
MD5
4471abe4f4baf096b4fb6d4172e867e4
-
SHA1
f1ed2d508a1ac4b19e9704b4bcd3b4d16fade619
-
SHA256
36fbc6d1768b7b0c67734a892a23aca07f5964ebc1f3151bd381e4449dc560c1
-
SHA512
6ced794b583b290f14abe4c9360b8fb9d009acf8902d2d8e5f78ba7b8047df378260b74bec090b2e3687870d5d5b5dd07d0846b20964728116dfe471eb257547
-
SSDEEP
24576:oybYM4AJg5wC7Mqvzn3vI6FZjQ2XeQMI9tz4dN:vMM7jCgkn3vEqeJa4d
Static task
static1
Behavioral task
behavioral1
Sample
36fbc6d1768b7b0c67734a892a23aca07f5964ebc1f3151bd381e4449dc560c1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
36fbc6d1768b7b0c67734a892a23aca07f5964ebc1f3151bd381e4449dc560c1
-
Size
1.1MB
-
MD5
4471abe4f4baf096b4fb6d4172e867e4
-
SHA1
f1ed2d508a1ac4b19e9704b4bcd3b4d16fade619
-
SHA256
36fbc6d1768b7b0c67734a892a23aca07f5964ebc1f3151bd381e4449dc560c1
-
SHA512
6ced794b583b290f14abe4c9360b8fb9d009acf8902d2d8e5f78ba7b8047df378260b74bec090b2e3687870d5d5b5dd07d0846b20964728116dfe471eb257547
-
SSDEEP
24576:oybYM4AJg5wC7Mqvzn3vI6FZjQ2XeQMI9tz4dN:vMM7jCgkn3vEqeJa4d
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)