General
Target: df875987cbb8c817be1e00f8fa0669575a3c82c306fb3ffc22bd5cafe9bc9646
Size: 806KB
Sample: 241109-1hdksasgqh
MD5: 7ae5db256b32a1c7a331af2ad9a6c0cc
SHA1: 0c63f1ef4a073f6133fd86f77cef150c00b738ed
SHA256: df875987cbb8c817be1e00f8fa0669575a3c82c306fb3ffc22bd5cafe9bc9646
SHA512: 6e864e2a736e5aba18de7a306504e00456a0db6f34751a8454d7a7575bb78e585da36a14280af4de67e0436b3b195f6b3a2ef155e83efd93f4d47c8a348d3bb9
SSDEEP: 24576:9y7vhl8lpAjR9zu1plnUp/1NEAM0NqQBA:Y7vhl8lpAjRo1plUptU2
Static task: static1
Behavioral task: behavioral1
Sample: df875987cbb8c817be1e00f8fa0669575a3c82c306fb3ffc22bd5cafe9bc9646.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)