General
-
Target
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2
-
Size
1000KB
-
Sample
241104-qv56fs1brl
-
MD5
a68dd4c1e87b106acb490aab38955c5e
-
SHA1
1ddc611c08f32ecb3a00bce967a8f4265f896698
-
SHA256
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2
-
SHA512
0db784dc1ef562bcd81cb2f3cfd6203b18119e24d1062f8bc23efc54ab09292adc29daa5a01e02c3e04669f940a9354b6d4dceace6e8a0ca0987e697ad036fd2
-
SSDEEP
24576:ITLrvnFOPYjIA0NCw+J3Hl+yV5vCoyvIc5zlYWSSpb:ervFqYjbfJV+QvCoyZzt9p
Static task
static1
Behavioral task
behavioral1
Sample
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2
-
Size
1000KB
-
MD5
a68dd4c1e87b106acb490aab38955c5e
-
SHA1
1ddc611c08f32ecb3a00bce967a8f4265f896698
-
SHA256
a845129a2bc1f81adf1408e7122c216a6966d6f486d069d0fa8d8d98fcca97a2
-
SHA512
0db784dc1ef562bcd81cb2f3cfd6203b18119e24d1062f8bc23efc54ab09292adc29daa5a01e02c3e04669f940a9354b6d4dceace6e8a0ca0987e697ad036fd2
-
SSDEEP
24576:ITLrvnFOPYjIA0NCw+J3Hl+yV5vCoyvIc5zlYWSSpb:ervFqYjbfJV+QvCoyZzt9p
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1