General
Target: 4cd4ab7797c2fcc5debc4960f662087cc9828ba792089a5727d566905f2bf454
Size: 746KB
Sample: 241109-flcgnsyame
MD5: 91b58f0a6364bc89c9862862cbb0b583
SHA1: 1e0fcbddbc1a06b99503f74c48d464610dc8038f
SHA256: 4cd4ab7797c2fcc5debc4960f662087cc9828ba792089a5727d566905f2bf454
SHA512: 7ea616f5fba6847aaf96e43ceab77b8d075c0747eac41a3bbbc4c244e7dd844b48084e7302def767db43880ed00d4f37adb38dd7cda37a3d68910fe71692fb7e
SSDEEP: 12288:sy90JS2cBm/6lkWsnthTNDTIk76V0cn1f9pHBt4XiFgFeldBh37J0vTl:sy7nmymXhTND0pVZ1f4XYQWv1uvZ
Static task: static1
Behavioral task: behavioral1
Sample: 4cd4ab7797c2fcc5debc4960f662087cc9828ba792089a5727d566905f2bf454.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4cd4ab7797c2fcc5debc4960f662087cc9828ba792089a5727d566905f2bf454
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)