General
-
Target
879cddefdd04de096aa19c799ce82144db7b792c97e1a2ab81bfc0d8823681b3
-
Size
747KB
-
Sample
241104-qwm19szlbz
-
MD5
c74892d6263d802b9f25628c1713f130
-
SHA1
c2b590f8afd24d8c42edd2097a31c87116e60b98
-
SHA256
879cddefdd04de096aa19c799ce82144db7b792c97e1a2ab81bfc0d8823681b3
-
SHA512
e497b66d3145d1c08f89ec6574d92a70a30c5f6301170c1552f705cffc553ce872b551a4b41ee71477cff467327c773293e3de7b08d0fa7f8828d47153d214d1
-
SSDEEP
12288:PAy90f8WPqKYg1wjdv2sk/wrFK/xPMjhEX0uyORi+W8aDs7w1vAf8C:PAym807lsk/mFKJPMY/YQ7wvVC
Static task
static1
Behavioral task
behavioral1
Sample
879cddefdd04de096aa19c799ce82144db7b792c97e1a2ab81bfc0d8823681b3.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
879cddefdd04de096aa19c799ce82144db7b792c97e1a2ab81bfc0d8823681b3
-
Size
747KB
-
MD5
c74892d6263d802b9f25628c1713f130
-
SHA1
c2b590f8afd24d8c42edd2097a31c87116e60b98
-
SHA256
879cddefdd04de096aa19c799ce82144db7b792c97e1a2ab81bfc0d8823681b3
-
SHA512
e497b66d3145d1c08f89ec6574d92a70a30c5f6301170c1552f705cffc553ce872b551a4b41ee71477cff467327c773293e3de7b08d0fa7f8828d47153d214d1
-
SSDEEP
12288:PAy90f8WPqKYg1wjdv2sk/wrFK/xPMjhEX0uyORi+W8aDs7w1vAf8C:PAym807lsk/mFKJPMY/YQ7wvVC
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1