General
Target: 326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b
Size: 694KB
Sample: 241109-fmzctsxmdz
MD5: 89c3f328d792dac38329624a82d27088
SHA1: 24004fb43dfa2a9166b455b1bc87f6739db05a7a
SHA256: 326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b
SHA512: 00429ec4c1b9a74090620334d8991d8c50598cf9db2401a853408431b9b192b14d7cc9e9522442ceed30e8178fa170e5f546debecd7ead7167339dd2dd81556a
SSDEEP: 12288:by90ZR+CA1m2iWFjcNr8in+hZR048JhN/0ttHR6YElwWsFoo1T3a06HvbG:byJmghcZ8iniZlPt6tbRo13afS
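Before pivoting on the hashes above, an analyst normally confirms that the file in hand is the file the report describes. The script below is an added example, not part of the sandbox report: it copies the four hash values listed above into a constant, checks that the report is internally consistent (the target is named by its SHA-256), and compares a local file against all four digests. The file path is whatever the analyst supplies; SSDEEP is omitted because it is not in the Python standard library.

```python
"""Verify a local file against the hashes listed in this report.

Added example, not part of the sandbox report. The IOC values are copied
from the report above; the file path is whatever the analyst supplies.
"""
import hashlib
from pathlib import Path

# Hashes copied from the report above (MD5, SHA1, SHA256, SHA512).
REPORT_IOC = {
    "md5": "89c3f328d792dac38329624a82d27088",
    "sha1": "24004fb43dfa2a9166b455b1bc87f6739db05a7a",
    "sha256": "326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b",
    "sha512": "00429ec4c1b9a74090620334d8991d8c50598cf9db2401a853408431b9b192b14d7cc9e9522442ceed30e8178fa170e5f546debecd7ead7167339dd2dd81556a",
}
# The report names the target by its SHA-256.
REPORT_TARGET = "326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b"


def digest_bytes(data: bytes) -> dict:
    """Return lowercase hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_IOC}


def digest_file(path, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so large samples do not need to fit in memory."""
    hashers = {name: hashlib.new(name) for name in REPORT_IOC}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_with_report(digests: dict) -> dict:
    """Per-algorithm match result against REPORT_IOC.

    A partial match (e.g. MD5 agrees but SHA-256 does not) means either a
    transcription error in the IOC or a collision; investigate rather than
    silently accept it.
    """
    return {name: digests[name] == REPORT_IOC[name].lower() for name in REPORT_IOC}


def is_report_sample(digests: dict) -> bool:
    """True only when every listed hash agrees. SHA-256 alone is the usual
    pivot, but the report gives all four, so check all four."""
    return all(compare_with_report(digests).values())


def report_is_self_consistent() -> bool:
    """Confirm the Target field equals the SHA-256 and that each hash has the
    hex length its algorithm produces (catches truncated copy/paste)."""
    expected_len = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
    lengths_ok = all(len(v) == expected_len[k] for k, v in REPORT_IOC.items())
    return lengths_ok and REPORT_IOC["sha256"] == REPORT_TARGET


if __name__ == "__main__":
    import sys
    print("report self-consistent:", report_is_self_consistent())
    if len(sys.argv) > 1:
        d = digest_file(Path(sys.argv[1]))
        for name, ok in compare_with_report(d).items():
            print(f"{name:7} {'MATCH' if ok else 'differs'}  {d[name]}")
        print("is report sample:", is_report_sample(d))
```

Run it as `python verify_sample.py <path>`; a file that matches on every algorithm is the sample this report analysed, and a file that matches on some algorithms but not others should be treated as a data-entry problem until resolved.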
Static task: static1
Behavioral task: behavioral1
Sample: 326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 326241b47f15c75b269b24387ec910c9c5e19fbe44e4f67346ef2591bdbbe03b
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1 signature
  - Registry Run Keys / Startup Folder (T1547.001): 1 signature
- Create or Modify System Process (T1543): 1 signature
  - Windows Service (T1543.003): 1 signature
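The two persistence techniques in the table are both observable as registry value writes: a value under a `CurrentVersion\Run` key (T1547.001) or an `ImagePath` value under a `Services` key (T1543.003). The detection below is an added example, not part of the sandbox report and not the sandbox's own signature logic. It runs over constructed records in a simplified Sysmon Event ID 13 (RegistryEvent, value set) shape; the field names follow Sysmon, while the paths, value names and SID are made up for illustration and do not come from this report's run.

```python
"""Flag the two persistence behaviours the ATT&CK table lists:
Registry Run Keys (T1547.001) and Windows Service creation (T1543.003).

Added example, not part of the sandbox report. The events below are
constructed in a simplified Sysmon Event ID 13 (RegistryEvent: value set)
shape; field names follow Sysmon, the values are made up for illustration.
"""
import re

# Registry paths whose values run a binary at boot/logon. The optional
# Wow6432Node segment covers 32-bit processes writing on 64-bit Windows.
RUN_KEY_RE = re.compile(
    r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
    r"(Run|RunOnce|RunServices)\\",
    re.IGNORECASE,
)
# The value that defines what a Windows service executes.
SERVICE_RE = re.compile(
    r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$",
    re.IGNORECASE,
)
# Common drop locations; a Run/ImagePath value pointing into these is more
# suspicious than one pointing at Program Files (the dropper-registers-payload pattern).
USER_WRITABLE_RE = re.compile(
    r"(\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\)", re.IGNORECASE
)

# Constructed events (not taken from the report's sandbox run).
EVENTS = [
    {"EventID": 13,
     "Image": r"C:\Users\victim\AppData\Local\Temp\sample.exe",
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\svchost_upd",
     "Details": r"C:\Users\victim\AppData\Roaming\svchost_upd.exe"},
    {"EventID": 13,
     "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\updsvc\ImagePath",
     "Details": r"C:\ProgramData\updsvc\updsvc.exe"},
    {"EventID": 13,
     "Image": r"C:\Program Files\Vendor\installer.exe",
     "TargetObject": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VendorAgent",
     "Details": r"C:\Program Files\Vendor\agent.exe"},
    {"EventID": 13,
     "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]


def classify_event(ev: dict):
    """Return (technique_id, severity) for a matching value-set event, else None."""
    if ev.get("EventID") != 13:
        return None
    target = ev.get("TargetObject", "")
    if RUN_KEY_RE.search(target):
        tech = "T1547.001"
    elif SERVICE_RE.search(target):
        tech = "T1543.003"
    else:
        return None
    # Escalate when the configured binary or the writing process lives in a
    # user-writable drop location.
    suspicious = USER_WRITABLE_RE.search(ev.get("Details", "")) or \
        USER_WRITABLE_RE.search(ev.get("Image", ""))
    return tech, ("high" if suspicious else "low")


def detect(events):
    """Return one finding per event that maps to a listed persistence technique."""
    findings = []
    for ev in events:
        hit = classify_event(ev)
        if hit:
            tech, sev = hit
            findings.append({"technique": tech, "severity": sev,
                             "key": ev["TargetObject"], "value": ev["Details"]})
    return findings


if __name__ == "__main__":
    for f in detect(EVENTS):
        print(f"{f['technique']} [{f['severity']}] {f['key']} -> {f['value']}")
```

The severity split matters in practice: legitimate installers also write Run keys and ImagePath values, so the registry path alone is a weak signal, while a Run value pointing into AppData or ProgramData written by a process that itself runs from Temp is close to the behaviour the "Adds Run key to start application" signature describes.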