Extracted

• • Target

    7ba37a68454e3af21b1d6ff0947f02dffbb63d6d045e710d554ea65f7231f8b8

  • Size

    700KB

  • MD5

    418b8e3f9d85270634310c58bd9d3511

  • SHA1

    d275d89cdfafdb24f5c7e8f89ba955a8091cba6d

  • SHA256

    7ba37a68454e3af21b1d6ff0947f02dffbb63d6d045e710d554ea65f7231f8b8

  • SHA512

    1f522dd3a23caacd0a668af3e863848ca2cda9c6c8008ef231a24f1088c90cf027046da17b4fccadec75d0ad0d9f865ea1e1b912fa824d95a112bfc4ca8f1fc3

  • SSDEEP

    12288:TMr6y90smrMtFrlwFtI9DoNcAEAkNljlVQYPMSSfzUi34ZZv+eec:9yAQPpqPE3jlaYj+GPGeec

  Score

  10^/10

  healerredlinerosndiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1