General
- Target: 67201b343b1fa47a3568b6219fd4f4bb28072d29b5e32bf37f13b1a8700681f7
- Size: 920KB
- Sample: 241109-fhwq5s1kbj
- MD5: 835dee896e7a341ca98a22ca0847f457
- SHA1: 183a148c3d45b1b9d0d56c9b171e2cf316bddbf9
- SHA256: 67201b343b1fa47a3568b6219fd4f4bb28072d29b5e32bf37f13b1a8700681f7
- SHA512: 869a01afe2b60574fa9104239ef28750dbe0a2e5db04bbc7b385231a95b3d071aeb2de76c2035f1b04ab4ddfd49629b782ab3339412c79115048eba686f54e38
- SSDEEP: 24576:curBZ8DncUYo4IYo4IYo4IYxBRhxBRhxBRhxBRh2GWm2GWm2GWm2kymXEMC3txT0:atpnTM7GBQwTA0YlwHu1rD
Static task: static1
Behavioral task: behavioral1
- Sample: 67201b343b1fa47a3568b6219fd4f4bb28072d29b5e32bf37f13b1a8700681f7.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 67201b343b1fa47a3568b6219fd4f4bb28072d29b5e32bf37f13b1a8700681f7
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)