General
Target: 2e693b82fba2e08529c89f27c20c2af6ea8ad7499ba13e7b4d515f3aa3f7ec91
Size: 1.2MB
Sample: 241109-eh7yqszlfk
MD5: bbc75cba0290d9a019ee4626f17178ae
SHA1: b16e4c0ae358f7fe8c2cfe2502767cbb0919862f
SHA256: 2e693b82fba2e08529c89f27c20c2af6ea8ad7499ba13e7b4d515f3aa3f7ec91
SHA512: 6890c07cf2ac4d82dcc81a75751ef6fd1c08ec848ece9061e7ad99aa80ad21a290ffac5861207e0f1aa58458d18e71df38ccd27a59a63ef4de9b177c6ecbb5a7
SSDEEP: 24576:h0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:h0zNUYjkCcPoJgK3ss+y4bN
Static task: static1
Behavioral task: behavioral1
  Sample: 2e693b82fba2e08529c89f27c20c2af6ea8ad7499ba13e7b4d515f3aa3f7ec91.exe
  Resource: win7-20241023-en
Behavioral task: behavioral2
  Sample: 2e693b82fba2e08529c89f27c20c2af6ea8ad7499ba13e7b4d515f3aa3f7ec91.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)