General
Target: 908cacdf9847471c19e02468bf6f9de5db7690dbc8f180244f1eb3dacb66dfae
Size: 965KB
Sample: 241104-qva1basrcl
MD5: 82434c52cb9347b02a811be716aa87ce
SHA1: d33b78fee5b199dcdb55d10627bee1071877ff06
SHA256: 908cacdf9847471c19e02468bf6f9de5db7690dbc8f180244f1eb3dacb66dfae
SHA512: b6a2327b6911f434280a2a1c25a7193b08cda2d26024a020c9c7cc67ecdaad0a21998521e749d6143de0b614e8df5fb516a2c4514bb6247a1e63c7f78687063d
SSDEEP: 24576:Ty0W1K8OVMGhq9eEegpdPY5IY+mHuC4LePNbx:m91kVRapdw5IY+VC4Le

Static task: static1
Behavioral task: behavioral1
Sample: 908cacdf9847471c19e02468bf6f9de5db7690dbc8f180244f1eb3dacb66dfae.exe
Resource: win10v2004-20241007-en
Malware Config

Targets
Target: 908cacdf9847471c19e02468bf6f9de5db7690dbc8f180244f1eb3dacb66dfae
Size: 965KB
MD5: 82434c52cb9347b02a811be716aa87ce
SHA1: d33b78fee5b199dcdb55d10627bee1071877ff06
SHA256: 908cacdf9847471c19e02468bf6f9de5db7690dbc8f180244f1eb3dacb66dfae
SHA512: b6a2327b6911f434280a2a1c25a7193b08cda2d26024a020c9c7cc67ecdaad0a21998521e749d6143de0b614e8df5fb516a2c4514bb6247a1e63c7f78687063d
SSDEEP: 24576:Ty0W1K8OVMGhq9eEegpdPY5IY+mHuC4LePNbx:m91kVRapdw5IY+VC4Le
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)