General
Target: 5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232
Size: 1.3MB
Sample: 241109-ejphsazlgl
MD5: dc098966246906f8d741340a01cbd2da
SHA1: 69e2084cf43e5a9a433271f5679d6f3b9ba85629
SHA256: 5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232
SHA512: 890c242e26a812095ceb3e9fd838a74bb7e76b3f31dd4be61ee3f1c3f3cf9d238a9fdcdc51c9b75f10577d430cb3eadcdcc53b339d22e5923758bace73109aad
SSDEEP: 24576:2IKq5dNtV7We2GWqerZwO7Fk8YxeU5F8Si5LO+rImHhAs4ew2Hk4Q:2I/NKeU1ZwO+eUv8Sima5u4
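Before analysing a copy of this sample pulled from a malware repository, confirm it is the exact file the report describes. The script below is an added example, not part of the report or of the sandbox that produced it: it streams a file through MD5, SHA1, SHA256 and SHA512 and compares each digest with the values listed above. The file path is an assumption supplied on the command line. SSDEEP is deliberately left out: it is not in the Python standard library, and a fuzzy-hash match only says a file is similar to the sample, not that it is the same file, so it is no substitute for the exact digests.

```python
"""Verify a local file against the digests listed in this report (added example)."""
import hashlib
import sys

# Digests copied from the General section of the report above.
REPORT_HASHES = {
    "md5": "dc098966246906f8d741340a01cbd2da",
    "sha1": "69e2084cf43e5a9a433271f5679d6f3b9ba85629",
    "sha256": "5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232",
    "sha512": "890c242e26a812095ceb3e9fd838a74bb7e76b3f31dd4be61ee3f1c3f3cf9d23"
              "8a9fdcdc51c9b75f10577d430cb3eadcdcc53b339d22e5923758bace73109aad",
}


def digest_bytes(data: bytes, algorithms=tuple(REPORT_HASHES)) -> dict:
    """Lowercase hex digests of an in-memory blob, one per algorithm."""
    return {a: hashlib.new(a, data).hexdigest() for a in algorithms}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in 1 MiB chunks so large samples never need to fit in memory at once."""
    hashers = {a: hashlib.new(a) for a in REPORT_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {a: h.hexdigest() for a, h in hashers.items()}


def compare_to_report(observed: dict, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm verdict; a missing algorithm in `observed` counts as a mismatch."""
    return {a: observed.get(a, "").lower() == expected[a].lower() for a in expected}


def matches_report(observed: dict, expected: dict = REPORT_HASHES) -> bool:
    """True only if every digest agrees; one mismatch means this is a different file."""
    return all(compare_to_report(observed, expected).values())


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-file>   (path is an assumption, not from the report)
    if len(sys.argv) != 2:
        sys.exit("usage: verify_sample.py <file>")
    observed = digest_file(sys.argv[1])
    for algo, ok in compare_to_report(observed).items():
        print(f"{algo:6} {'OK      ' if ok else 'MISMATCH'} {observed[algo]}")
    sys.exit(0 if matches_report(observed) else 1)
```

The script exits non-zero on any mismatch so it can gate an automated analysis pipeline; a file that passes all four digests is, for practical purposes, the sample this report describes.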
Static task: static1
Behavioral task: behavioral1
  Sample: 5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232.exe
  Resource: win7-20240729-en
Behavioral task: behavioral2
  Sample: 5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 5c940fd26e0b9ca0041893718bdf14d9244ebcb5a91fee19de13a59c52b59232 (1.3MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (T1547.001)
- Create or Modify System Process: Windows Service (T1543.003)
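The "Adds Run key to start application" signature and the T1547.001 mapping above describe the persistence the sandbox observed: a dropped executable registered under a Run key so it starts at logon. The following added example, not part of the report or of the sandbox, is the check an incident responder would run on a suspect host. It enumerates the HKCU and HKLM Run/RunOnce keys (on Windows, via winreg) and flags any entry whose image lives in a directory a non-elevated dropper can write to. The user-writable directory list is a heuristic of this example, not a rule from the report, and the SAMPLE_ENTRIES are constructed so the logic can be exercised on any OS; the paths and value names in them are invented.

```python
"""Triage autorun entries for dropped-payload persistence (added example)."""
import re
import sys
from typing import Iterable, List, Tuple

# Keys behind the "Adds Run key to start application" signature (ATT&CK T1547.001).
RUN_KEYS = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

# Directories writable without elevation. Heuristic assumed by this example, not from the report.
USER_WRITABLE = re.compile(
    r"(\\AppData\\(Local|Roaming)\\|\\Temp\\|\\Users\\Public\\|\\ProgramData\\|\\Downloads\\)",
    re.IGNORECASE,
)


def extract_image_path(command: str) -> str:
    """Return the executable part of a Run-key command, handling quoted paths and arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    # Unquoted: everything up to the first ".exe" followed by whitespace or end of string.
    m = re.match(r"(.+?\.exe)(\s|$)", command, re.IGNORECASE)
    return m.group(1) if m else command.split()[0]


def is_suspicious(command: str) -> bool:
    """An autorun whose image sits in a user-writable directory is worth a closer look."""
    return bool(USER_WRITABLE.search(extract_image_path(command)))


def triage_entries(entries: Iterable[Tuple[str, str, str, str]]) -> List[Tuple[str, str, str]]:
    """entries: (hive, key, value_name, command). Returns (hive\\key, value_name, image_path) hits."""
    hits = []
    for hive, key, name, command in entries:
        if is_suspicious(command):
            hits.append((f"{hive}\\{key}", name, extract_image_path(command)))
    return hits


def enumerate_run_keys():
    """Live enumeration of the Run keys; Windows only (uses the standard-library winreg module)."""
    import winreg
    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    for hive_name, subkey in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive_name], subkey) as key:
                index = 0
                while True:
                    try:
                        name, value, _ = winreg.EnumValue(key, index)
                    except OSError:  # raised once the last value has been read
                        break
                    yield (hive_name, subkey, name, str(value))
                    index += 1
        except OSError:  # key absent or not readable
            continue


# Constructed entries (not from the report) so the triage logic runs offline on any OS.
SAMPLE_ENTRIES = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run", "OneDrive",
     r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run", "Updater",
     r'"C:\Users\victim\AppData\Local\Temp\svc_host.exe"'),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run", "SecurityHealth",
     r"C:\Windows\system32\SecurityHealthSystray.exe"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run", "winmgr",
     r"C:\ProgramData\winmgr\winmgr.exe -silent"),
]

if __name__ == "__main__":
    entries = enumerate_run_keys() if sys.platform == "win32" else SAMPLE_ENTRIES
    for where, name, image in triage_entries(entries):
        print(f"SUSPICIOUS {where}\\{name} -> {image}")
```

The verdict is taken from the image path rather than the key, so the same triage_entries function can be fed the ImagePath values of services under HKLM\SYSTEM\CurrentControlSet\Services to cover the T1543.003 (Windows Service) mapping as well. A hit is a lead, not a conviction: compare the flagged binary's digests against the General section before acting on it.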