Extracted

• • Target

    92a3cacf353b52ae72515e0dac58e73c948558631c61cf2853bb62d47325e491

  • Size

    530KB

  • MD5

    3fd6d5f18bf08b4b813b6cc8c533ba26

  • SHA1

    219181babf1539a1700aefaab3d76dec6e8800a0

  • SHA256

    92a3cacf353b52ae72515e0dac58e73c948558631c61cf2853bb62d47325e491

  • SHA512

    8a3e517cf5301339651baa9698d6c2c2debeb0347a5ca5f948308b474e3201944e730de6b16fe1b10dfa828bcaf737842f32ef526cf76a23e509f3a378cfdb59

  • SSDEEP

    12288:SMrYy90oG/dW02HD+BRTIO245aU+hwk5o0/vCV1E:eyQX2j+BVwhwAAV1E

  Score

  10^/10

  healerredlinerosndiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1