General
-
Target
94e484f1c1bd18665a8fa0dd2e5548e8e9a77f92e40fc26706ea94fe723cab8c
-
Size
695KB
-
Sample
241104-zqtfjaxbqc
-
MD5
85ab66819a629da618c967ce2f33dd2d
-
SHA1
b0542b3a0ff0072cb7c74dae06d5582eb5a8ba87
-
SHA256
94e484f1c1bd18665a8fa0dd2e5548e8e9a77f92e40fc26706ea94fe723cab8c
-
SHA512
855c1632e120e3925dc79438ad93d493559c43928d27ec2c86cd8144f9fed835247e3d4c4c7c4dc66a378800c211b2a11063757f80865f6e3937ff6e0dd90f04
-
SSDEEP
12288:vy90Vzt4LpYEU/8r/+tZ9COyJA+f7Zl4mWv6Ut18bAKvA+6OoxPX0N:vyOiB5r/+tXCXEv6Ut18bAkMxPXo
Static task
static1
Behavioral task
behavioral1
Sample
94e484f1c1bd18665a8fa0dd2e5548e8e9a77f92e40fc26706ea94fe723cab8c.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
94e484f1c1bd18665a8fa0dd2e5548e8e9a77f92e40fc26706ea94fe723cab8c
-
Size
695KB
-
MD5
85ab66819a629da618c967ce2f33dd2d
-
SHA1
b0542b3a0ff0072cb7c74dae06d5582eb5a8ba87
-
SHA256
94e484f1c1bd18665a8fa0dd2e5548e8e9a77f92e40fc26706ea94fe723cab8c
-
SHA512
855c1632e120e3925dc79438ad93d493559c43928d27ec2c86cd8144f9fed835247e3d4c4c7c4dc66a378800c211b2a11063757f80865f6e3937ff6e0dd90f04
-
SSDEEP
12288:vy90Vzt4LpYEU/8r/+tZ9COyJA+f7Zl4mWv6Ut18bAKvA+6OoxPX0N:vyOiB5r/+tXCXEv6Ut18bAkMxPXo
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1