General
- Target: 26f673c2733caaf2ff9310a4f765a6ca85cebd0a8bea3796ad7c23975acd7ab2
- Size: 617KB
- Sample: 241109-f3481sydnq
- MD5: 6c54a06fa128eaa56c9453d780cff35f
- SHA1: c52dad1d32561a8367b8665ac5e08490381c7e60
- SHA256: 26f673c2733caaf2ff9310a4f765a6ca85cebd0a8bea3796ad7c23975acd7ab2
- SHA512: 157e4b883948d38e96a5566311abb7d48076e56f97a847202c626a6a0b784b51eb3408f0cfe53065f5078efd9fc3360bbf5e4c6ad9be460731f4fe85aa17cdca
- SSDEEP: 12288:py906GovyZUxsFN5794Zg9OvzxdYKlWIe937BIWQo:pyUmXeN57Ke29SKU9VI6
Static task: static1
Behavioral task: behavioral1
- Sample: 26f673c2733caaf2ff9310a4f765a6ca85cebd0a8bea3796ad7c23975acd7ab2.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)