General
Target: a4068f4779d054d9627116d795031fe760204bce12f4d11841b93519f3254046
Size: 1.5MB
Sample: 241109-d5e1sswhla
MD5: 94bf64b1963ef4b30f1a0176a90c9e2a
SHA1: 3ab1b1018401cab1c9657d16d995c5224dafeac9
SHA256: a4068f4779d054d9627116d795031fe760204bce12f4d11841b93519f3254046
SHA512: 310792a884aa1071a5f002157acf8c8b3afcdcced662a95b3eb66b17f4f7530dd260a3a6ce36cbf107a17ef4f7416f5d8cc2dc88b34715eb57dabbeddf509f60
SSDEEP: 49152:8q3L/vit3I7mLeNybLaK9jAVtqCEExyhT:Pjvit3I6LeNybLaK9kVLU5
Static task: static1
Behavioral task: behavioral1
Sample: a4068f4779d054d9627116d795031fe760204bce12f4d11841b93519f3254046.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (1)
- Create or Modify System Process: Windows Service (1)