General

Target: c8d1a1202d55150de294658f499bc16e6eb8bedd47235afaf668b2288ab27b95
Size: 540KB
Sample: 241109-d48ayswkfy
MD5: a1a39f7c7949b5b0b215da7698a0cbc2
SHA1: 9a93f60235744e87105c75cc90e38454e95f989b
SHA256: c8d1a1202d55150de294658f499bc16e6eb8bedd47235afaf668b2288ab27b95
SHA512: 6ef8f0f8c547b09488fff09f608b7f97aa3900fcf928ae78da8ecb2b1e9e70e47343944e14a98c6c14dd92c87b59560ccad186a31429a8e92c3d663963273b17
SSDEEP: 12288:ty90GgtRPqLRXVNr86mMmaDb1TRJfNo0tteH1YEJqWV+/:tyk2VZ86zNTBq1B9I

Static task: static1
Behavioral task: behavioral1
Sample: c8d1a1202d55150de294658f499bc16e6eb8bedd47235afaf668b2288ab27b95.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: c8d1a1202d55150de294658f499bc16e6eb8bedd47235afaf668b2288ab27b95 (540KB; same MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
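The two persistence techniques mapped above (Run keys and a Windows service) are the places to look when checking other hosts for this sample. The script below is an added example, not part of the sandbox report and not code from the sample or the sandbox vendor: it enumerates the Run/RunOnce keys and every installed service, resolves the executable each one launches, hashes it with SHA256 and compares it against the SHA256 listed in the report. It assumes it is run in an elevated PowerShell session (so HKLM and service image paths are readable) and that the IOC hash is the one from this report; the `Get-ExePath` and `Test-Ioc` function names are this example's own.

```powershell
# Added example (not from the report): hunt a host for the persistence this
# report maps (Run keys, Windows services) and hash each referenced binary.
# Assumption: run elevated; $IocSha256 is the sample hash from the report above.

$IocSha256 = 'c8d1a1202d55150de294658f499bc16e6eb8bedd47235afaf668b2288ab27b95'

$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Extract the executable path from a command line such as
#   "C:\Users\x\AppData\Roaming\foo.exe" --silent    or    C:\foo\bar.exe /s
function Get-ExePath {
    param([string]$CommandLine)
    if ([string]::IsNullOrWhiteSpace($CommandLine)) { return $null }
    $cl = [Environment]::ExpandEnvironmentVariables($CommandLine.Trim())
    if ($cl.StartsWith('"')) {
        $end = $cl.IndexOf('"', 1)
        if ($end -gt 1) { return $cl.Substring(1, $end - 1) }
    }
    # Unquoted form: everything up to and including the first ".exe"
    $m = [regex]::Match($cl, '^(.*?\.exe)', 'IgnoreCase')
    if ($m.Success) { return $m.Groups[1].Value }
    return $cl.Split(' ')[0]
}

# Hash the binary behind one autostart entry and compare with the IOC.
function Test-Ioc {
    param([string]$Source, [string]$Name, [string]$CommandLine)
    $path = Get-ExePath $CommandLine
    if (-not $path -or -not (Test-Path -LiteralPath $path)) {
        return [pscustomobject]@{ Source = $Source; Name = $Name; Path = $path
                                  Sha256 = $null; Match = $false; Note = 'missing file' }
    }
    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash.ToLower()
    # A repacked build of the same family will not match by hash, so also flag
    # autostart binaries that live in user-writable locations.
    $note = ''
    if ($path -match '\\Users\\|\\ProgramData\\|\\Temp\\') { $note = 'user-writable location' }
    return [pscustomobject]@{ Source = $Source; Name = $Name; Path = $path
                              Sha256 = $hash; Match = ($hash -eq $IocSha256); Note = $note }
}

# T1547.001: Registry Run Keys
$results = @()
foreach ($key in $RunKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -in 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider') { continue }
        $results += Test-Ioc -Source $key -Name $p.Name -CommandLine ([string]$p.Value)
    }
}

# T1543.003: Windows Service image paths
foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    $results += Test-Ioc -Source 'Service' -Name $svc.Name -CommandLine $svc.PathName
}

# Report exact hash hits first, then anything else worth a second look.
$results | Where-Object { $_.Match -or $_.Note } |
    Sort-Object -Property @{ Expression = 'Match'; Descending = $true }, Source |
    Format-Table -Property Source, Name, Path, Match, Note -AutoSize
```

An exact SHA256 match is conclusive; a miss is not. RedLine and Healer builds are routinely repacked, which is why the report also carries an SSDEEP hash: compare that (with the `ssdeep` tool) against any binary the script flags as living in a user-writable location before clearing the host.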