General
Target: 7838df9015a1fb254f8ebb76d50a0311f48cef47c1790fc33330d7034cb41e1b
Size: 479KB
Sample: 241104-qwd4cs1brq
MD5: 9d45003bbd9cd2f80671082546ed872e
SHA1: 64e6057f4ca9c2cf00fb83254aa523a2061adf43
SHA256: 7838df9015a1fb254f8ebb76d50a0311f48cef47c1790fc33330d7034cb41e1b
SHA512: 6c59091cde77a57156a3d4ff9920e9fc9cfaa0188cbb549b7dfa14e5788577f0f305c214ec7d9d8089e1fa15f1c03fd19e58fc082f9e8385bab693ca32734381
SSDEEP: 12288:SMrxy90pYX2iHi5TxdLQ7ep9nX1XcBEMPPxtJGHu:DykEi5TjMmlXc9qu
Static task: static1
Behavioral task: behavioral1
Sample: 7838df9015a1fb254f8ebb76d50a0311f48cef47c1790fc33330d7034cb41e1b.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 7838df9015a1fb254f8ebb76d50a0311f48cef47c1790fc33330d7034cb41e1b
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)