General
Target: fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6
Size: 990KB
Sample: 241109-1tg3cawlap
MD5: 1cf96f4c4a79fcb074e3f8a539d3d079
SHA1: 77ec883b0da61b82f06ae64f1fbb9ec03c692c15
SHA256: fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6
SHA512: 83a851ecc848524d52ea8b67e719d321972f4eba51375e5664d59ef9d893a53b3396cc928b04a5c7f3b79e44e56022c4767d3e9ce878c78a47c1b4e28c4f27d0
SSDEEP: 24576:SnUoY7pfy8Yg7Q7TsRZcKeD2Mzlnk+IY8Mlf:97By87STskKefd5

Static task: static1

Behavioral task: behavioral1
Sample: fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6.exe
Resource: win10v2004-20241007-en
Malware Config
Targets

Target: fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6 (990KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
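The two most actionable items in this report for a responder are the file hashes under General and the "Adds Run key to start application" signature (T1547.001). The helper below is an added example, not tooling from the sandbox that produced this report: it hashes a file and compares it against the report's MD5/SHA1/SHA256, and it parses a `.reg`-style export of a Run key and flags autostart entries whose binary sits in a user-writable directory or hashes to one of those IOCs. The registry export, the `victim` user name and the `Updater` entry are constructed sample input, not artifacts observed in the sandbox run.

```python
"""Offline triage helper (added example, not tooling from the sandbox that
produced the report): match files against the hashes in the report above and
flag Run-key autostart entries that point at user-writable locations."""
import hashlib
import os
import re

# Hashes copied from the report's General section; used here as IOCs.
IOC_HASHES = {
    "md5": "1cf96f4c4a79fcb074e3f8a539d3d079",
    "sha1": "77ec883b0da61b82f06ae64f1fbb9ec03c692c15",
    "sha256": "fc3c6bbfea5e11a501662fb8b089d4a78987cb45ec33bc29d6fe6eac410ebac6",
}

# Directories a standard user can write to; a Run entry pointing here is a
# common dropper/stealer pattern and deserves a closer look.
USER_WRITABLE_MARKERS = (
    "\\appdata\\local\\temp\\", "\\appdata\\roaming\\",
    "\\users\\public\\", "\\programdata\\",
)

# Constructed .reg-style export (hypothetical user and paths) standing in for
# the output of: reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run run.reg
SAMPLE_REG_EXPORT = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\victim\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\victim\\AppData\\Local\\Temp\\svchost.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ShellState"=hex:24,00,00,00
'''


def hash_file(path, chunk_size=1 << 20):
    """Stream the file once and return md5/sha1/sha256 hex digests."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_ioc(digests):
    """True if any digest equals the report's value for the same algorithm."""
    return any(digests.get(alg, "").lower() == val for alg, val in IOC_HASHES.items())


def parse_run_entries(reg_text):
    """Return (key, value_name, command) for string values under Run/RunOnce keys."""
    current_key = None
    entries = []
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current_key = line[1:-1]
            continue
        if current_key is None or not current_key.lower().endswith(("\\run", "\\runonce")):
            continue
        m = re.match(r'^"((?:[^"\\]|\\.)+)"="(.*)"$', line)
        if m:
            # .reg files escape backslashes and quotes with a backslash; undo that.
            name = re.sub(r"\\(.)", r"\1", m.group(1))
            command = re.sub(r"\\(.)", r"\1", m.group(2))
            entries.append((current_key, name, command))
    return entries


def extract_exe_path(command):
    """Pull the executable out of a Run command line (quoted or bare path)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:command.index('"', 1)]
    m = re.match(r"(.+?\.exe)", command, re.IGNORECASE)
    return m.group(1) if m else command.split()[0]


def triage_run_entries(reg_text):
    """Findings for Run entries in user-writable paths or whose binary hashes to an IOC."""
    findings = []
    for key, name, command in parse_run_entries(reg_text):
        exe = extract_exe_path(command)
        reasons = []
        if any(marker in exe.lower() for marker in USER_WRITABLE_MARKERS):
            reasons.append("autostart binary in user-writable path")
        if os.path.isfile(exe) and matches_ioc(hash_file(exe)):
            reasons.append("binary hash matches report IOC")
        if reasons:
            findings.append({"key": key, "name": name, "path": exe, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage_run_entries(SAMPLE_REG_EXPORT):
        print(f"[!] {f['key']}\\{f['name']} -> {f['path']}: {'; '.join(f['reasons'])}")
```

On a live host, feed `triage_run_entries` the text of `reg export` for both the HKCU and HKLM Run/RunOnce keys; the hash comparison only fires when the referenced binary is still on disk, so a path-only hit still warrants pulling the file for hashing before it is cleaned up.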
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1