General
-
Target
c6f1425b97f3b80bff4258fbc6f27299fb7d65ece0fa65ecbb812b3e17a2ddd4
-
Size
564KB
-
Sample
241109-d58ywawhqj
-
MD5
c434b13010434249281516270af5aa60
-
SHA1
6fb9bc14b3eee4f5f1fc84feceea11b61f88978f
-
SHA256
c6f1425b97f3b80bff4258fbc6f27299fb7d65ece0fa65ecbb812b3e17a2ddd4
-
SHA512
4cf536cc3b1d44d952d43dcccdee09cbbd23baa71dd599da1b2655ff58691a549b496b79cb60aa2cfddbd8b16d5fb959873697cd5fc3957ac056282c355194dd
-
SSDEEP
12288:0y9036ukylD6lTfN1CtIIWza03sKnMqAHIiV+S8pDWm:0ylujOxNsNe13s25AoicS8R
Static task
static1
Behavioral task
behavioral1
Sample
c6f1425b97f3b80bff4258fbc6f27299fb7d65ece0fa65ecbb812b3e17a2ddd4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c6f1425b97f3b80bff4258fbc6f27299fb7d65ece0fa65ecbb812b3e17a2ddd4
-
Size
564KB
-
MD5
c434b13010434249281516270af5aa60
-
SHA1
6fb9bc14b3eee4f5f1fc84feceea11b61f88978f
-
SHA256
c6f1425b97f3b80bff4258fbc6f27299fb7d65ece0fa65ecbb812b3e17a2ddd4
-
SHA512
4cf536cc3b1d44d952d43dcccdee09cbbd23baa71dd599da1b2655ff58691a549b496b79cb60aa2cfddbd8b16d5fb959873697cd5fc3957ac056282c355194dd
-
SSDEEP
12288:0y9036ukylD6lTfN1CtIIWza03sKnMqAHIiV+S8pDWm:0ylujOxNsNe13s25AoicS8R
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1