General
- Target: c35c5568a760f4b03ad1f0316d56008bd0e42e8f9378a99af8dcddb633c34ea3
- Size: 697KB
- Sample: 241109-1htl1awjaq
- MD5: db68724b043fbb8561de194ab63b83a2
- SHA1: 45b7d2cfc356a47b10122d1d081a2800ff4e5515
- SHA256: c35c5568a760f4b03ad1f0316d56008bd0e42e8f9378a99af8dcddb633c34ea3
- SHA512: eec2b90b041be6e18f6c49bc9e57e81618026eb46d0545a3e16b2b5974dec9a6711f72af309048213bf5e1650f440fb74554ac2f0de09a3422ce2e4ca01ca13d
- SSDEEP: 12288:By90DtDl73tVmetssNWeC7L5ha+VdtGAcZh6SBH2Kkpdr8bgjzlbmW66q:ByUll73tVmetss/W5hRdyVBWKkp18bgO
Static task: static1
Behavioral task: behavioral1
- Sample: c35c5568a760f4b03ad1f0316d56008bd0e42e8f9378a99af8dcddb633c34ea3.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: c35c5568a760f4b03ad1f0316d56008bd0e42e8f9378a99af8dcddb633c34ea3
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1
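Two of the behavioural signatures above, "Executes dropped EXE" and "Adds Run key to start application" (Registry Run Keys / Startup Folder, T1547.001, in the ATT&CK mapping), are cheap to check for in endpoint telemetry. The following is an added example and is not part of the sandbox report or of any tool it uses: a small Python detector run over constructed Sysmon-style events (FileCreate, EventID 11; ProcessCreate, EventID 1; RegistryEvent Value Set, EventID 13). The file paths, PIDs, SID and Run-value names in SAMPLE_EVENTS are made up for illustration. It goes one step beyond the two single-event signatures by checking whether the Run value points at a file dropped earlier in the same trace, which is the combination that separates this dropper pattern from a legitimate installer registering its own autostart entry.

```python
import re

# Constructed Sysmon-style events for illustration only. The paths, PIDs,
# SID and Run-value names are assumptions, not data from the sandbox report.
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 4120, "ParentProcessId": 3988,
     "Image": r"C:\Users\user\Desktop\sample.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    # The sample writes a second executable to %TEMP% (FileCreate).
    {"EventID": 11, "ProcessId": 4120,
     "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetFilename": r"C:\Users\user\AppData\Local\Temp\1ksu93.exe"},
    # ... registers it under the per-user Run key (Value Set) ...
    {"EventID": 13, "ProcessId": 4120,
     "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Users\user\AppData\Local\Temp\1ksu93.exe" /silent'},
    # ... and launches it (ProcessCreate).
    {"EventID": 1, "ProcessId": 4388, "ParentProcessId": 4120,
     "Image": r"C:\Users\user\AppData\Local\Temp\1ksu93.exe",
     "ParentImage": r"C:\Users\user\Desktop\sample.exe"},
    # Noise: an installer registering its own tray app. It trips the bare
    # Run-key rule but not the correlated one, since tray.exe was not dropped here.
    {"EventID": 13, "ProcessId": 5012,
     "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r"C:\Program Files\Vendor\tray.exe"},
]

# Matches HKCU/HKU and HKLM Run and RunOnce keys regardless of hive prefix casing.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\",
    re.IGNORECASE)


def norm(path):
    """Normalise a Windows path for comparison: strip quotes, lowercase."""
    return path.strip().strip('"').lower()


def exe_from_run_value(value, known):
    """Best-effort extraction of the executable path from Run value data.

    Run values are commonly '"C:\\path with spaces\\x.exe" /args'. For the
    unquoted form, prefer the whole value if it is a known path (paths with
    spaces), otherwise fall back to the first whitespace-delimited token.
    """
    v = value.strip()
    if v.startswith('"'):
        return norm(v[1:].split('"', 1)[0])
    full = norm(v)
    if full in known:
        return full
    return norm(v.split(" ", 1)[0])


def detect(events):
    """Return (rule, detail) tuples for:

    executes_dropped_exe : a process image was written by an earlier FileCreate
    adds_run_key         : a Run/RunOnce value was set (T1547.001)
    run_key_to_dropped   : the Run value points at a file dropped in this trace
    """
    dropped = {}  # normalised path -> PID of the process that wrote it
    hits = []
    for e in events:
        eid = e["EventID"]
        if eid == 11:
            dropped[norm(e["TargetFilename"])] = e["ProcessId"]
        elif eid == 1:
            if norm(e["Image"]) in dropped:
                hits.append(("executes_dropped_exe", e["Image"]))
        elif eid == 13 and RUN_KEY_RE.search(e["TargetObject"]):
            hits.append(("adds_run_key", e["TargetObject"]))
            if exe_from_run_value(e["Details"], dropped) in dropped:
                hits.append(("run_key_to_dropped", e["Details"]))
    return hits


if __name__ == "__main__":
    for rule, detail in detect(SAMPLE_EVENTS):
        print(f"{rule:22} {detail}")
```

Sysmon's ProcessCreate record does not say whether the image was written moments earlier, so the map built from EventID 11 is what ties the drop to the later launch; the same map lets the Run-key rule confirm that the persisted path is the dropped file rather than something already on disk. Events must be fed in time order for that linkage to hold.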