General
-
Target
1e9f281bf8bdf2e847fefd7a791ca2c70db8f1ad0b4cd5bd5794a842e4d6eb84
-
Size
689KB
-
Sample
241109-fp1nnsybka
-
MD5
34c1d684ebcd654b45aea2dc4d1e86bc
-
SHA1
08814ba63c43e5acc851dfd125298cb0882833a5
-
SHA256
1e9f281bf8bdf2e847fefd7a791ca2c70db8f1ad0b4cd5bd5794a842e4d6eb84
-
SHA512
a1448fa245024c2271da3eae8740e18e569bc87a0f52dead70e4786838a6ad45d5a562de6e71f5da6a88f3e68be511f8f308a03b6cdd355b7c3c3e4f81e428da
-
SSDEEP
12288:ty90kgxikUwSjhuph1dDExQB3zZIJPGiBiMj/qNbrLBrLF64ST/z9a2rKCW0+7:tyYxinwSjUp9DEGzZCGioMuNb3BrLF6u
Static task
static1
Behavioral task
behavioral1
Sample
1e9f281bf8bdf2e847fefd7a791ca2c70db8f1ad0b4cd5bd5794a842e4d6eb84.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
1e9f281bf8bdf2e847fefd7a791ca2c70db8f1ad0b4cd5bd5794a842e4d6eb84
-
Size
689KB
-
MD5
34c1d684ebcd654b45aea2dc4d1e86bc
-
SHA1
08814ba63c43e5acc851dfd125298cb0882833a5
-
SHA256
1e9f281bf8bdf2e847fefd7a791ca2c70db8f1ad0b4cd5bd5794a842e4d6eb84
-
SHA512
a1448fa245024c2271da3eae8740e18e569bc87a0f52dead70e4786838a6ad45d5a562de6e71f5da6a88f3e68be511f8f308a03b6cdd355b7c3c3e4f81e428da
-
SSDEEP
12288:ty90kgxikUwSjhuph1dDExQB3zZIJPGiBiMj/qNbrLBrLF64ST/z9a2rKCW0+7:tyYxinwSjUp9DEGzZCGioMuNb3BrLF6u
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1