General
  Target: 667300979183f57a21fef22cc152cb929a17619d788f5a037d4b9641c384f281
  Size:   936KB
  Sample: 241109-eqn6laxdpn
  MD5:    ff85e4da13f028a8b77c0e07431e487c
  SHA1:   7170a197502fa0a27287a14f2f13bf4f589c13f2
  SHA256: 667300979183f57a21fef22cc152cb929a17619d788f5a037d4b9641c384f281
  SHA512: c6555b2f382ca382f30a2d11b4ff6f10144f24911ce3d1d99bb0d5a46f21f4c4d67286c3160d962eda05ca34195beb991a3d2118744351f89ea9c5c6b4600317
  SSDEEP: 24576:SyDHYdPjopUzMOrqj/kqxzt321QGBvxB0X1CK:5TYdPA/IqgGoWwZOlC
Static task
  static1
Behavioral task
  behavioral1
  Sample:   667300979183f57a21fef22cc152cb929a17619d788f5a037d4b9641c384f281.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
  Target: 667300979183f57a21fef22cc152cb929a17619d788f5a037d4b9641c384f281 (hashes as listed under General above)
  Signatures
    - Detects Healer, an antivirus disabler dropper
    - Healer family
    - RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    - RedLine payload
    - RedLine family
    - Executes dropped EXE
    - Adds Run key to start application
MITRE ATT&CK Enterprise v15
  Persistence
    Boot or Logon Autostart Execution (1)
      Registry Run Keys / Startup Folder (1)
    Create or Modify System Process (1)
      Windows Service (1)