General
Target: 85815574a947db48abab8e9a97d1d7b0846d1e0970bbb649966069d32ad2e7b0
Size: 966KB
Sample: 241109-ecqr9sxbjk
MD5: c7ad3c8e9c80c92634bb4f070b2369bb
SHA1: d0ba9fba8c322ee8db823735ef6676265efd7299
SHA256: 85815574a947db48abab8e9a97d1d7b0846d1e0970bbb649966069d32ad2e7b0
SHA512: 648f91f81df095f3ee4efc262dd28190df1e132626cf474d66c6f221dbac99eef5238cd80335db3a1657a6a8b420918c610f810e4ab910b55ebea6b46b22fe51
SSDEEP: 24576:EyiYVQcDzEerAoLuO1oxC4FOcTGK0UvDq:TNVQcDAaTroxC4FOcT
Static task: static1
Behavioral task: behavioral1
Sample: 85815574a947db48abab8e9a97d1d7b0846d1e0970bbb649966069d32ad2e7b0.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)