General

  • Target

    83ad3d9ccf2ceff168723f0fe69d3ccae5cc00fb256f99721369ca30653eb813

  • Size

    612KB

  • Sample

    241109-d7llcszjdq

  • MD5

    333d965e4779570a893238430ddbfd07

  • SHA1

    01b2141ee72133dfff368834eb7be2eadada01a1

  • SHA256

    83ad3d9ccf2ceff168723f0fe69d3ccae5cc00fb256f99721369ca30653eb813

  • SHA512

    eb1b33b2986ca82f3816f63b3012ed8f496b9b929d88ec0f742a262a25b2fe350d708ef6c2239c98a7be377118192c52565077c282ef48ae18aba68b7fd81450

  • SSDEEP

    12288:hy90xjOxHtztfIITJkrJOcwOjDFu7RyWPUXvo8:hyFNztwKINfjRQJPUfo8

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks