General
Target: 441d6cf16f4a1a5cfa86760ac3935b9ddcf1191014376658126dba745265c252
Size: 308KB
Sample: 241109-f38ansxqaw
MD5: 1c44e92468ed66d4f2405c0d1109e6cc
SHA1: 9e9573f63438610fa875667824ca4264467ee1b2
SHA256: 441d6cf16f4a1a5cfa86760ac3935b9ddcf1191014376658126dba745265c252
SHA512: 108ac8c9687c19bbb21b0aa8bd809cc715aec89fd1f4be37cbc77185034ed9d5aa7c191510f7390c053c90e392d0cb686d3a85f17fb13ad2e5918563842602a5
SSDEEP: 6144:Kcy+bnr+Fp0yN90QENlEY+zbPs64JPhigDVkNqvCmpNry:cMrpy90bb+zReZBDVeDmS
Static task: static1
Behavioral task: behavioral1
Sample: 441d6cf16f4a1a5cfa86760ac3935b9ddcf1191014376658126dba745265c252.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 441d6cf16f4a1a5cfa86760ac3935b9ddcf1191014376658126dba745265c252
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)