General
Target: 92f58ce16c5dc76860c08560cd2073f270d81680f7dc735ce320beae3c374bbd
Size: 690KB
Sample: 241109-egk3kszlbn
MD5: e6c077fa3ff235a94ff006ab186dc714
SHA1: e4e3147f321a749f634e9cc211f07b8571530dd9
SHA256: 92f58ce16c5dc76860c08560cd2073f270d81680f7dc735ce320beae3c374bbd
SHA512: 1699ace331a9418220fe137b38b13f217d49cf05f16aedb6439500e5073e762cf4f709efeed00f5ffb52e89158b9b58abe02781625379e99b4f5c3f9e8568f9e
SSDEEP: 12288:5y904At1vNOdDoH3Mul6kP5RW3kfRkFw1ke3WGhniN9mcGRWafsL:5yPAt1v0dDic46cRW3GRfiNscH

Static task: static1
Behavioral task: behavioral1
Sample: 92f58ce16c5dc76860c08560cd2073f270d81680f7dc735ce320beae3c374bbd.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 92f58ce16c5dc76860c08560cd2073f270d81680f7dc735ce320beae3c374bbd (hashes as listed under General above)
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application

MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)