General
-
Target
e43e26437c49079425df6bfd6997cb8052123c99d41a2f8ce159a80cc0f85597
-
Size
559KB
-
Sample
241109-eegblswmf1
-
MD5
48a5656cab568cdfdc48b7fedbf9d9ff
-
SHA1
e349711f9df63b330375829f05ee73a6672b8fe0
-
SHA256
e43e26437c49079425df6bfd6997cb8052123c99d41a2f8ce159a80cc0f85597
-
SHA512
b951fe7d6c9e89030dfadc2b7a5fc811c87db9e182f219a570e413545d60876770fcd3fbe6049ea9b0d95235c88eab2ab8f367976af6ecf696a2ea008fe60cc2
-
SSDEEP
6144:6pp0yN90QESDCQWB/+C1IiTvje5ei1QAOgWp6x0iHZEcLuwmiQk1FlFe0KgxNAH8:Vy90QATWei1Qdf6uWZEcq/uxcHF6mo
Static task
static1
Behavioral task
behavioral1
Sample
e43e26437c49079425df6bfd6997cb8052123c99d41a2f8ce159a80cc0f85597.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
e43e26437c49079425df6bfd6997cb8052123c99d41a2f8ce159a80cc0f85597
-
Size
559KB
-
MD5
48a5656cab568cdfdc48b7fedbf9d9ff
-
SHA1
e349711f9df63b330375829f05ee73a6672b8fe0
-
SHA256
e43e26437c49079425df6bfd6997cb8052123c99d41a2f8ce159a80cc0f85597
-
SHA512
b951fe7d6c9e89030dfadc2b7a5fc811c87db9e182f219a570e413545d60876770fcd3fbe6049ea9b0d95235c88eab2ab8f367976af6ecf696a2ea008fe60cc2
-
SSDEEP
6144:6pp0yN90QESDCQWB/+C1IiTvje5ei1QAOgWp6x0iHZEcLuwmiQk1FlFe0KgxNAH8:Vy90QATWei1Qdf6uWZEcq/uxcHF6mo
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1