General
Target: 462feafb5675d89722f2271208e61dffa3cdb9d817ba7e6c18d2a8d1305926b2
Size: 694KB
Sample: 241109-f2vces1ndm
MD5: 986c50a319fccb3ed53dd2adbd206806
SHA1: d7f7f1fb81b248928381abe218314e8b4aec9e7e
SHA256: 462feafb5675d89722f2271208e61dffa3cdb9d817ba7e6c18d2a8d1305926b2
SHA512: cabc7a97c42a6cac15aefebff434e10e6503774660247fcab49375f753d3c2ce7fc644cdb668d0c9465a872bc66146e29249395c4e0f9cae9a242440e4027282
SSDEEP: 12288:wy908DqNq9NJJJSz5UpUlSSrEz7wjTnkdvVzTJFOC+qJK:wyCNqxJJ45UG9rs7fdvFTJtK
Static task: static1
Behavioral task: behavioral1
Sample: 462feafb5675d89722f2271208e61dffa3cdb9d817ba7e6c18d2a8d1305926b2.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 462feafb5675d89722f2271208e61dffa3cdb9d817ba7e6c18d2a8d1305926b2
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)