General
- Target: d9a5e582be315154fd2344a90fd7f69feab45cf9a15e2e5d0c2038e3df462cff
- Size: 967KB
- Sample: 241109-ep1s1axdjg
- MD5: 1159f77e407005d942d1d638aacdbc65
- SHA1: 36110ffe8478575595cd4c0c02f0f16b7b493569
- SHA256: d9a5e582be315154fd2344a90fd7f69feab45cf9a15e2e5d0c2038e3df462cff
- SHA512: 10bc1bc4d0eb4c3238760dc71c5111ac968cbc2d67764a5c6ce4c62344e627f71827eae4f6feabd1ebcc3cc0b02005b92d3310254378acb1ce9f093d02d75b90
- SSDEEP: 24576:KyPQ9nfev0Hi/r91pDlW0FogOiGf/Th4oUX5:Ro9fev0Hiz9FFnul4o
Static task: static1
Behavioral task: behavioral1
- Sample: d9a5e582be315154fd2344a90fd7f69feab45cf9a15e2e5d0c2038e3df462cff.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: d9a5e582be315154fd2344a90fd7f69feab45cf9a15e2e5d0c2038e3df462cff
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)