General
Target: 7733d78e69ed9ae3d51684345e5fda74c6e6cfdf04c81bee5ec4959ce061dced
Size: 660KB
Sample: 241109-epv8hszmhp
MD5: 4dd0eb44d5acb2022e6a062685d46705
SHA1: c2aee4456847bc26daa4b6891f3c5d9abd06aab6
SHA256: 7733d78e69ed9ae3d51684345e5fda74c6e6cfdf04c81bee5ec4959ce061dced
SHA512: a7b20469692e99ceacb2c8d93e234ec4970bf8f461cf4c52c9f4524cd4f723f17411b253bc32d0d4255af40800b65b46f09cb42e409a56cf779199bdca94418c
SSDEEP: 12288:eMrqy90LSfLM4Lr6NvnXUQSNHPhg+vGPav1bogD7i9Q1lh/R:syQ4EnXUQSNPuj+zh/R
Static task: static1
Behavioral task: behavioral1
Sample: 7733d78e69ed9ae3d51684345e5fda74c6e6cfdf04c81bee5ec4959ce061dced.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
- redline
- rosto
- hueref.eu:4162
- auth_value: 07d81eba8cad42bbd0ae60042d48eac6
Targets
Target: 7733d78e69ed9ae3d51684345e5fda74c6e6cfdf04c81bee5ec4959ce061dced
Size: 660KB
MD5: 4dd0eb44d5acb2022e6a062685d46705
SHA1: c2aee4456847bc26daa4b6891f3c5d9abd06aab6
SHA256: 7733d78e69ed9ae3d51684345e5fda74c6e6cfdf04c81bee5ec4959ce061dced
SHA512: a7b20469692e99ceacb2c8d93e234ec4970bf8f461cf4c52c9f4524cd4f723f17411b253bc32d0d4255af40800b65b46f09cb42e409a56cf779199bdca94418c
SSDEEP: 12288:eMrqy90LSfLM4Lr6NvnXUQSNHPhg+vGPav1bogD7i9Q1lh/R:syQ4EnXUQSNPuj+zh/R
- Detects Healer an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)