General
-
Target
8cf789c998abd5d05a87efd6c0aa4c4d6fe294bc1547d3ec20d77b6c83a5878f
-
Size
697KB
-
Sample
241109-ejv1kaxbrg
-
MD5
8257ca0a6b8b14a4afa6969d1be82242
-
SHA1
5e8234f1818eb70fab059bcd869b9d62be1e35e6
-
SHA256
8cf789c998abd5d05a87efd6c0aa4c4d6fe294bc1547d3ec20d77b6c83a5878f
-
SHA512
f49642dda621e11ec79d561332ffe33df133bf196846fc87197897ae86dc0841329fbdc4585b8434a0a9705a1ac04cfb140f56ad27e8b9ebe08c218def12a1e2
-
SSDEEP
12288:Zy90T9YHVOGsrqDJnYA//FevAjPejVoVwzxmsofBPkUSwdCVK175bggxmX:ZyoKVO1+ZWjCVtsofdkPwAIVbJxq
Static task
static1
Behavioral task
behavioral1
Sample
8cf789c998abd5d05a87efd6c0aa4c4d6fe294bc1547d3ec20d77b6c83a5878f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
8cf789c998abd5d05a87efd6c0aa4c4d6fe294bc1547d3ec20d77b6c83a5878f
-
Size
697KB
-
MD5
8257ca0a6b8b14a4afa6969d1be82242
-
SHA1
5e8234f1818eb70fab059bcd869b9d62be1e35e6
-
SHA256
8cf789c998abd5d05a87efd6c0aa4c4d6fe294bc1547d3ec20d77b6c83a5878f
-
SHA512
f49642dda621e11ec79d561332ffe33df133bf196846fc87197897ae86dc0841329fbdc4585b8434a0a9705a1ac04cfb140f56ad27e8b9ebe08c218def12a1e2
-
SSDEEP
12288:Zy90T9YHVOGsrqDJnYA//FevAjPejVoVwzxmsofBPkUSwdCVK175bggxmX:ZyoKVO1+ZWjCVtsofdkPwAIVbJxq
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1