General
-
Target
03eee8066fc4aea6cad83546db504edf53c7b75dfdb9342ea36f8746544dffb1
-
Size
695KB
-
Sample
241109-eppezawpf1
-
MD5
156ab52eb566f533ef4cb3600ee4ed21
-
SHA1
0c77ed17148df2d06852054d18f2230ae1c07ba2
-
SHA256
03eee8066fc4aea6cad83546db504edf53c7b75dfdb9342ea36f8746544dffb1
-
SHA512
5467881c6d2ee3b756d984f089de67c180eee30b5274644c4f1ee5738a7b204468a5bd9e573a47a1fc4c08d691c6c6994683726bb08033aa47655de625c08ea9
-
SSDEEP
12288:fy90rmH9/UWfXctFjwpFT1Vuwj3Wk6FH18bVKIA+dt:fyumH9MmstBoF3uwjb6FH18bVLl
Static task
static1
Behavioral task
behavioral1
Sample
03eee8066fc4aea6cad83546db504edf53c7b75dfdb9342ea36f8746544dffb1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
03eee8066fc4aea6cad83546db504edf53c7b75dfdb9342ea36f8746544dffb1
-
Size
695KB
-
MD5
156ab52eb566f533ef4cb3600ee4ed21
-
SHA1
0c77ed17148df2d06852054d18f2230ae1c07ba2
-
SHA256
03eee8066fc4aea6cad83546db504edf53c7b75dfdb9342ea36f8746544dffb1
-
SHA512
5467881c6d2ee3b756d984f089de67c180eee30b5274644c4f1ee5738a7b204468a5bd9e573a47a1fc4c08d691c6c6994683726bb08033aa47655de625c08ea9
-
SSDEEP
12288:fy90rmH9/UWfXctFjwpFT1Vuwj3Wk6FH18bVKIA+dt:fyumH9MmstBoF3uwjb6FH18bVLl
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1