General
-
Target
9645b82809bb8faf18a8ed1bcba99b2a2770469303c7a0fe1d96dbe9c57dfb5c
-
Size
538KB
-
Sample
241109-fj2zjsyalm
-
MD5
c91f0754e55e27babc2d972a2f2546de
-
SHA1
ba9658b2891f0b33e429259cc0bfabfc018e6332
-
SHA256
9645b82809bb8faf18a8ed1bcba99b2a2770469303c7a0fe1d96dbe9c57dfb5c
-
SHA512
cca6f08a6f0dd5ad95ecb22d881a6721567ab42d5a5ca42142ede8750f8135c040d0c34da2f66c0b620cf8a081e6999fda7be686b3e964d6e70a58eabe766c78
-
SSDEEP
12288:VMr3y90TqD+V2tguv5kAAoyEgTaSwjPNGsRTD9/db3yfL:Ky+VeJhk9obgTaScPN/RX9Fbu
Static task
static1
Behavioral task
behavioral1
Sample
9645b82809bb8faf18a8ed1bcba99b2a2770469303c7a0fe1d96dbe9c57dfb5c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rosto
hueref.eu:4162
-
auth_value
07d81eba8cad42bbd0ae60042d48eac6
Targets
-
-
Target
9645b82809bb8faf18a8ed1bcba99b2a2770469303c7a0fe1d96dbe9c57dfb5c
-
Size
538KB
-
MD5
c91f0754e55e27babc2d972a2f2546de
-
SHA1
ba9658b2891f0b33e429259cc0bfabfc018e6332
-
SHA256
9645b82809bb8faf18a8ed1bcba99b2a2770469303c7a0fe1d96dbe9c57dfb5c
-
SHA512
cca6f08a6f0dd5ad95ecb22d881a6721567ab42d5a5ca42142ede8750f8135c040d0c34da2f66c0b620cf8a081e6999fda7be686b3e964d6e70a58eabe766c78
-
SSDEEP
12288:VMr3y90TqD+V2tguv5kAAoyEgTaSwjPNGsRTD9/db3yfL:Ky+VeJhk9obgTaScPN/RX9Fbu
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1