General
Target: 747ce822c71b5b4e2cb112ee2c9a40d6542511193e89552d34632ca97a4cf817
Size: 1.0MB
Sample: 241104-rl8qna1fnj
MD5: 09933ae4d3b29451129578a2b89e1beb
SHA1: 101369508cd616c17915e222fd28135c5c66d480
SHA256: 747ce822c71b5b4e2cb112ee2c9a40d6542511193e89552d34632ca97a4cf817
SHA512: 6645bca8e84934be5de509e2751a796f1cb56f0eabd2098e8405256d8537bebca54e3590076a7437aeecb3303345ffcb5b6e158fce5fdcfe9649b136cd5c32a8
SSDEEP: 24576:cy57eiqTH3h7iQt89fsuj8Jy1zBaZKkjibW1UZGM/84RCG:L571qH8DVN88gIbWSZGyTR
Static task: static1
Behavioral task: behavioral1
Sample: 747ce822c71b5b4e2cb112ee2c9a40d6542511193e89552d34632ca97a4cf817.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 747ce822c71b5b4e2cb112ee2c9a40d6542511193e89552d34632ca97a4cf817 (same sample as listed under General above; size and hashes are identical)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)