General
- Target: 6dfcde7d35486e7da96549e546ad50f27db72af91bffc3e50b95b878daf0e572
- Size: 705KB
- Sample: 241109-fjs2msyakc
- MD5: a17e67001edef1c5ebd98ba3060e1918
- SHA1: aae5970a99c11c810c37626db97067af1f787a2f
- SHA256: 6dfcde7d35486e7da96549e546ad50f27db72af91bffc3e50b95b878daf0e572
- SHA512: ba464c0056581f0e3552ac4f27d5351ab72a6c33112233c7a23a793a278299411e1e140542a90270d33c008ccab856302c8b743381127b269930812e5ec57007
- SSDEEP: 12288:vy90iDgLpFH8VqHzlyYDiyLgWwYS0dg2/oyzP9Epj8rMQei:vycLXD5eyUWPFZQyKpoMQ9
Static task: static1
Behavioral task: behavioral1
Sample: 6dfcde7d35486e7da96549e546ad50f27db72af91bffc3e50b95b878daf0e572.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)