General
- Target: c548d0fab7e854a99b82604c2aaca75a4ae1b9d21ecf0851c277df20d572b897
- Size: 569KB
- Sample: 241109-edcxsswmes
- MD5: 765ba94352bfa0d803cd34fc64b474ed
- SHA1: ee2b927d27d026e28a099eac39a207d2abb28566
- SHA256: c548d0fab7e854a99b82604c2aaca75a4ae1b9d21ecf0851c277df20d572b897
- SHA512: a4127c5f00fc6e0bce57c147d41dfb33cf9c63880f539792b0260f1afcf59399ee6e820c21abce34185bc509963d70b8b6f77d67f558db3184e3c62c5bd9911a
- SSDEEP: 12288:sy90w3p2FhBrUaF5dTnhY8L0LT3hA04L10/:sy35HaxTnrLYRmI
Static task: static1
Behavioral task: behavioral1
Sample: c548d0fab7e854a99b82604c2aaca75a4ae1b9d21ecf0851c277df20d572b897.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: c548d0fab7e854a99b82604c2aaca75a4ae1b9d21ecf0851c277df20d572b897
- Size: 569KB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)