General
-
Target
832eca59de3f5f6be9e83401d5d8bb723bc42fab48c92165d7b9afadc6cd4365
-
Size
697KB
-
Sample
241109-ec9v5sxbkm
-
MD5
a258cbf75906073cc70f705df281025c
-
SHA1
a9c4a8cae5777883ab4c46f43a604bbbe0f8e7b0
-
SHA256
832eca59de3f5f6be9e83401d5d8bb723bc42fab48c92165d7b9afadc6cd4365
-
SHA512
8b2ef4d073a4c438d5a07225b1382757e80636580283689f662ffe018de808c627f105583d18a3315922c4f4cae8d90bf56fd800dc747f4392368425242b6759
-
SSDEEP
12288:Zy906GmY0R68tmAFCY82Ydv9a6WTTEUlBHUKgjTr89gj/GtUYNHm6wQh:Zy/Yr8tXFxm9WEaB0KgjP89gj406w4
Static task
static1
Behavioral task
behavioral1
Sample
832eca59de3f5f6be9e83401d5d8bb723bc42fab48c92165d7b9afadc6cd4365.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
832eca59de3f5f6be9e83401d5d8bb723bc42fab48c92165d7b9afadc6cd4365
-
Size
697KB
-
MD5
a258cbf75906073cc70f705df281025c
-
SHA1
a9c4a8cae5777883ab4c46f43a604bbbe0f8e7b0
-
SHA256
832eca59de3f5f6be9e83401d5d8bb723bc42fab48c92165d7b9afadc6cd4365
-
SHA512
8b2ef4d073a4c438d5a07225b1382757e80636580283689f662ffe018de808c627f105583d18a3315922c4f4cae8d90bf56fd800dc747f4392368425242b6759
-
SSDEEP
12288:Zy906GmY0R68tmAFCY82Ydv9a6WTTEUlBHUKgjTr89gj/GtUYNHm6wQh:Zy/Yr8tXFxm9WEaB0KgjP89gj406w4
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1