General
Target: 758e36f0b6920f57a3b0b43b6f3a6f217895a19e43b42e440135857aa759fb9e
Size: 479KB
Sample: 241109-fqbe6sybke
MD5: 92f35a184864d794c21f6563cf89c024
SHA1: 1657a6ede4e9bd80c79da934ae924d55e646dd5b
SHA256: 758e36f0b6920f57a3b0b43b6f3a6f217895a19e43b42e440135857aa759fb9e
SHA512: e6c4fbb3e03edaacf8f0838e87b301bcca6aa0f7451ac367e047d33332d12e44d1c2e37c76ed3920034dd4e73741c870b406a51512f6c26282612c4b0a431743
SSDEEP: 12288:XMr9y900FrS6lQd+TeeQbmyzb+dZQzBzKOqfIqh1Ii8E1:CybFrS6lQdb1zadZQzcOqfznIi86
Static task: static1
Behavioral task: behavioral1
Sample: 758e36f0b6920f57a3b0b43b6f3a6f217895a19e43b42e440135857aa759fb9e.exe
Resource: win10v2004-20241007-en
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)