General

Target: 62cdf42bba9df4e7832816af66430d20368fe08bcfa2a955d8cdbcb3ce2fefa2
Size: 702KB
Sample: 241109-fp7f8a1lcq
MD5: 9156339447ecc84c78a2c9920083104c
SHA1: 79a8dae6743d5a0c67dbd55dc68fabe644377aa3
SHA256: 62cdf42bba9df4e7832816af66430d20368fe08bcfa2a955d8cdbcb3ce2fefa2
SHA512: 59267e7fb75f4be809a07167e65aefd9f4bbe4859be867d7b580d3993d12d7458697c0f6beb15c670c2d3f94075367513d03fb980fee8c8e4659945303a7015d
SSDEEP: 12288:4y90yWSI6BRvips6h0+bfDEw9etH2x/NWX/+9r0reeamiy4z3:4ypc6BRghh0+b7itH2x/NWP+Ix2dz3
Static task: static1
Behavioral task: behavioral1
Sample: 62cdf42bba9df4e7832816af66430d20368fe08bcfa2a955d8cdbcb3ce2fefa2.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 62cdf42bba9df4e7832816af66430d20368fe08bcfa2a955d8cdbcb3ce2fefa2
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)