General
- Target: 47f1394626d9044a973796aa8887541b8edf10835d9c73ec89219bae32301ef1
- Size: 677KB
- Sample: 241109-flrlla1kfl
- MD5: 637f15f7a9f568094f4858c2d61d83b6
- SHA1: b8aa7f4e34319cc04959ada9012cf6ae5fd06e41
- SHA256: 47f1394626d9044a973796aa8887541b8edf10835d9c73ec89219bae32301ef1
- SHA512: b82e2b27d68b3a8c1d7dab8ddcedf006265221f69aa05914c613eae3c86da4d829a470dbf2b8e1eae4c7383bea39b8ee5cb67439edf15a8b91c6a1923337b317
- SSDEEP: 12288:WMrey90v3kBCX3BsVzOW1Lo2zOXdArvBJrLgJRwOSH7fm2AeZBSwd:Ey03kBCXxPyLzlLTHOwDHboeZBd
Static task: static1
Behavioral task: behavioral1
- Sample: 47f1394626d9044a973796aa8887541b8edf10835d9c73ec89219bae32301ef1.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- redline
- rosto
- hueref.eu:4162
- auth_value: 07d81eba8cad42bbd0ae60042d48eac6
Targets
- Target: 47f1394626d9044a973796aa8887541b8edf10835d9c73ec89219bae32301ef1
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)