General
-
Target
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7
-
Size
1.2MB
-
Sample
241104-qwfl7asrdl
-
MD5
51ddb16442c8ab5782c61f0d7dfb8975
-
SHA1
90daf9e6b04342ac9bd45edb164af5e1a2693852
-
SHA256
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7
-
SHA512
a3362287844e0b965903195ffe689271b8de22ddce02893e9a8c5a7ecb5118326010d62cd4dceef8793c4ad7e6c19e7e1160b4b1aa70c56f16525623fec2d658
-
SSDEEP
24576:Gc9RstFRHwzmMZlFXCTYaOo2QduHmp8tagFhXskm:GcQrSmdcpOdp/gX
Static task
static1
Behavioral task
behavioral1
Sample
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7
-
Size
1.2MB
-
MD5
51ddb16442c8ab5782c61f0d7dfb8975
-
SHA1
90daf9e6b04342ac9bd45edb164af5e1a2693852
-
SHA256
47ae8692d32e264d867e99589178db87c1ae5f652fde660641f0d351ef9b4de7
-
SHA512
a3362287844e0b965903195ffe689271b8de22ddce02893e9a8c5a7ecb5118326010d62cd4dceef8793c4ad7e6c19e7e1160b4b1aa70c56f16525623fec2d658
-
SSDEEP
24576:Gc9RstFRHwzmMZlFXCTYaOo2QduHmp8tagFhXskm:GcQrSmdcpOdp/gX
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1