General
Target: e673d24830b60510dae2d7b6a1b19fda0ac26a863db41f88f58fb4a50208554a
Size: 706KB
Sample: 241109-d5t5qawkgz
MD5: bc438fbf19838834d80d0487e2adc71b
SHA1: 609247e3490ec1b7d4f160ec3abe4735cf239e1e
SHA256: e673d24830b60510dae2d7b6a1b19fda0ac26a863db41f88f58fb4a50208554a
SHA512: 3cdbe1aadf04f3d7275031784f4bfc4ddc6692ca7b41a14c946bab2dec90bd5ae31483d34ca64d6e649fa96ac7f4548d63045bfa6f4aa1647efb8922826b7a8c
SSDEEP: 12288:uy90DmWrl9N7GgmIzNx6WDTnOsAsmNZ9a7gkc/Audg2XoyzPM15Bki3awwi:uycrjNnztDbE7DIuZ4yg56i3awb
Static task: static1
Behavioral task: behavioral1
Sample: e673d24830b60510dae2d7b6a1b19fda0ac26a863db41f88f58fb4a50208554a.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: e673d24830b60510dae2d7b6a1b19fda0ac26a863db41f88f58fb4a50208554a
Size: 706KB
MD5: bc438fbf19838834d80d0487e2adc71b
SHA1: 609247e3490ec1b7d4f160ec3abe4735cf239e1e
SHA256: e673d24830b60510dae2d7b6a1b19fda0ac26a863db41f88f58fb4a50208554a
SHA512: 3cdbe1aadf04f3d7275031784f4bfc4ddc6692ca7b41a14c946bab2dec90bd5ae31483d34ca64d6e649fa96ac7f4548d63045bfa6f4aa1647efb8922826b7a8c
SSDEEP: 12288:uy90DmWrl9N7GgmIzNx6WDTnOsAsmNZ9a7gkc/Audg2XoyzPM15Bki3awwi:uycrjNnztDbE7DIuZ4yg56i3awb
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence (1)
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)