General
- Target: 765d6b740e69769c384b555b8ef377214ca071bec4f85b8398096a7739d04a4a
- Size: 563KB
- Sample: 241104-qvn7yazglc
- MD5: f55b7a18bca7d1790ef62ac229ba7fca
- SHA1: b027f7df64825c6bf236eb6fc8685f675e673980
- SHA256: 765d6b740e69769c384b555b8ef377214ca071bec4f85b8398096a7739d04a4a
- SHA512: 0a15b5b5d178cdfbaba9b62ff2a357c37348286898f48a963af2a81529ec8e9befd4e6646a4c143aa235230c22d227f07ac01ee7323553b3af118957bcbad87f
- SSDEEP: 12288:Uy90D0htWr9rPpQMD2CGUGREf3pWsV0rjea2kteMk:UySFiMDHGNREfZWZCRkDk
- Static task: static1
- Behavioral task: behavioral1
- Sample: 765d6b740e69769c384b555b8ef377214ca071bec4f85b8398096a7739d04a4a.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 765d6b740e69769c384b555b8ef377214ca071bec4f85b8398096a7739d04a4a
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)