General
Target: 063261ebc132234e0394de1397c0b889635ef95bcfaec4bca57614f53c5ba7a8
Size: 569KB
Sample: 241109-fmtscayapc
MD5: 825525d61f130bcd57b0df9361974758
SHA1: f6dce80a9188e83c989f36f4fa1951e7c86e5bfa
SHA256: 063261ebc132234e0394de1397c0b889635ef95bcfaec4bca57614f53c5ba7a8
SHA512: cad76e03ba4aa50578180d5e8ec472c9eed2b3c825fcdc80971cf17dcfe96c87d010b167eebaad3eeda304ed60d3b4fa99eedd7ea2d56db239e78e292c1bc676
SSDEEP: 12288:My90tBATnu2LScCxE9J6OPZlO6/N18iVUe7zj1wGk:MyRTu2LShEPRn/ue7zj1wr
Static task: static1
Behavioral task: behavioral1
Sample: 063261ebc132234e0394de1397c0b889635ef95bcfaec4bca57614f53c5ba7a8.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 063261ebc132234e0394de1397c0b889635ef95bcfaec4bca57614f53c5ba7a8
Size: 569KB
Signatures
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
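The two behavioural signatures the report raises ("Executes dropped EXE" and "Adds Run key to start application", the latter mapped to Registry Run Keys / Startup Folder) are the kind of thing a detection engineer wants to reproduce outside the sandbox from endpoint telemetry. The following is an added example, not code from the report page or from the sandbox service: it correlates Sysmon-style events (Event ID 11 FileCreate, 1 ProcessCreate, 13 RegistryEvent SetValue) so that a process image that was written earlier in the trace, or a Run value pointing at such a file, is flagged. The event trace, file paths, PIDs and the Run value name are constructed for illustration; the report does not name the dropped files or the registry value.

```python
"""Correlate Sysmon-style events to surface "Executes dropped EXE" and
"Adds Run key to start application" (ATT&CK T1547.001).
All events, paths and PIDs below are constructed; they are not from the
sandbox run described in the report."""
import re

# Constructed paths (hypothetical; the report does not name the dropped files).
DROPPER = r"C:\Users\analyst\Desktop\sample.exe"
HEALER = r"C:\Users\analyst\AppData\Local\Temp\healer.exe"
REDLINE = r"C:\Users\analyst\AppData\Local\Temp\redline.exe"
RUN_KEY = r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed event trace, already in chronological order.
# id 11 = FileCreate, 1 = ProcessCreate, 13 = RegistryEvent (SetValue).
SAMPLE_EVENTS = [
    {"id": 11, "pid": 4120, "image": DROPPER, "target": HEALER},
    {"id": 11, "pid": 4120, "image": DROPPER, "target": REDLINE},
    {"id": 1, "pid": 4188, "ppid": 4120, "image": HEALER},
    {"id": 13, "pid": 4188, "image": HEALER,
     "target": RUN_KEY + r"\Updater", "details": f'"{REDLINE}" /silent'},
    {"id": 1, "pid": 4200, "ppid": 4188, "image": REDLINE},
    # Benign noise: a pre-existing binary launched, and a Run value that
    # points at a file this trace never saw being created.
    {"id": 1, "pid": 5000, "ppid": 3000, "image": r"C:\Windows\System32\notepad.exe"},
    {"id": 13, "pid": 3000, "image": r"C:\Windows\explorer.exe",
     "target": RUN_KEY + r"\OneDrive",
     "details": r"C:\Users\analyst\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"},
]

# Matches HKCU/HKU/HKLM Run and RunOnce keys regardless of hive prefix.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)


def normalize(path):
    """Case-fold and strip quotes so Sysmon's mixed-case paths compare equal."""
    return path.strip().strip('"').lower()


def first_path(value_data):
    """Return the executable part of a Run value: the quoted path if present, else the first token."""
    m = re.match(r'\s*(?:"([^"]+)"|(\S+))', value_data)
    return (m.group(1) or m.group(2)) if m else value_data


def analyze(events):
    """Walk the trace once, remembering dropped files and checking later events against them."""
    dropped = {}           # normalized path -> pid of the process that wrote it
    executed_dropped = []  # ProcessCreate whose image was written earlier in the trace
    run_key_writes = []    # every Run/RunOnce SetValue, flagged if tied to a dropped file
    for ev in events:
        if ev["id"] == 11:
            dropped[normalize(ev["target"])] = ev["pid"]
        elif ev["id"] == 1:
            img = normalize(ev["image"])
            if img in dropped:
                executed_dropped.append(
                    {"image": ev["image"], "pid": ev["pid"], "dropped_by_pid": dropped[img]})
        elif ev["id"] == 13 and RUN_KEY_RE.search(ev["target"]):
            exe = normalize(first_path(ev["details"]))
            run_key_writes.append({
                "key": ev["target"], "data": ev["details"], "writer": ev["image"],
                "points_to_dropped": exe in dropped,
                "written_by_dropped": normalize(ev["image"]) in dropped,
            })
    return {"executed_dropped": executed_dropped, "run_key_writes": run_key_writes}


def verdict(report):
    """Emit the report's signature names for the behaviours actually observed."""
    sigs = []
    if report["executed_dropped"]:
        sigs.append("Executes dropped EXE")
    if any(w["points_to_dropped"] or w["written_by_dropped"] for w in report["run_key_writes"]):
        sigs.append("Adds Run key to start application")
    return sigs


if __name__ == "__main__":
    r = analyze(SAMPLE_EVENTS)
    for e in r["executed_dropped"]:
        print(f"dropped EXE executed: {e['image']} (pid {e['pid']}, dropped by pid {e['dropped_by_pid']})")
    for w in r["run_key_writes"]:
        flag = "SUSPICIOUS" if w["points_to_dropped"] or w["written_by_dropped"] else "benign"
        print(f"{flag}: {w['key']} = {w['data']} (written by {w['writer']})")
    print("signatures:", verdict(r))
```

The correlation keys on the file path, so it only works when FileCreate and ProcessCreate events come from the same trace and the trace is in time order; a real pipeline would sort on UtcTime and usually also join on the file hash, since a dropper that renames or copies the payload after writing it would otherwise escape the path match. The OneDrive entry is there to show why a bare "Run value written" rule is too noisy on its own: the value is only interesting when it is written by, or points at, something the trace saw being created.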