General
Target: cd2b34d51e5c4111fa368e5c636fda3b00ca532179520088fcfa9185cba2eb83
Size: 550KB
Sample: 241109-ec26aswmdy
MD5: 42903bcba8ab11893bb0dead79524b9e
SHA1: f4c74bbaa3f1a39da7dba5857cc8d6353fd9ce55
SHA256: cd2b34d51e5c4111fa368e5c636fda3b00ca532179520088fcfa9185cba2eb83
SHA512: 2d6e32708e604f08be61343ba5b506c2b2fde72cf188cc3e13ae1977fd4bee85fa89a2c45c8825f12f02818727177ef8992b64ccd8a8d76835d18cb4da98f337
SSDEEP: 12288:Sy902XH5I1JemHuIsXMRPCmVo7zeMF119drnJY8c07iZQfzka1:SyBecmHsMRPCmKVFXXrnTcQoa1
Static task: static1
Behavioral task: behavioral1
Sample: cd2b34d51e5c4111fa368e5c636fda3b00ca532179520088fcfa9185cba2eb83.exe
Resource: win10v2004-20241007-en
Malware Config

Targets
Target: cd2b34d51e5c4111fa368e5c636fda3b00ca532179520088fcfa9185cba2eb83
Size: 550KB
MD5: 42903bcba8ab11893bb0dead79524b9e
SHA1: f4c74bbaa3f1a39da7dba5857cc8d6353fd9ce55
SHA256: cd2b34d51e5c4111fa368e5c636fda3b00ca532179520088fcfa9185cba2eb83
SHA512: 2d6e32708e604f08be61343ba5b506c2b2fde72cf188cc3e13ae1977fd4bee85fa89a2c45c8825f12f02818727177ef8992b64ccd8a8d76835d18cb4da98f337
SSDEEP: 12288:Sy902XH5I1JemHuIsXMRPCmVo7zeMF119drnJY8c07iZQfzka1:SyBecmHsMRPCmKVFXXrnTcQoa1
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)