General
Target: 9485ef0fd41cfa9c499db8806fcf9162709d6bfe0cc9e95d7c1737875c69923d
Size: 705KB
Sample: 241109-fqw2wa1ldl
MD5: fc69eed4bdcc98ffa1b8ec6081e9e018
SHA1: c9c112c353908087e3520c9a36cd656b11cad3f4
SHA256: 9485ef0fd41cfa9c499db8806fcf9162709d6bfe0cc9e95d7c1737875c69923d
SHA512: d5e8750c8fa79445fadbaff247e1b50d3d9829abdb72ce00ed4a507035279cb4967f8bf68433cf27994e3739b33e92621c5092e9ea6100b04c543b3102ff7edb
SSDEEP: 12288:fy90uH3jrarcVdOnp1gNEowm8yliRIgrDiUdO01/ERSTCFc:fyTX3awoDgFtAWUdPcfC
Static task: static1
Behavioral task: behavioral1
Sample: 9485ef0fd41cfa9c499db8806fcf9162709d6bfe0cc9e95d7c1737875c69923d.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 9485ef0fd41cfa9c499db8806fcf9162709d6bfe0cc9e95d7c1737875c69923d
Size: 705KB
MD5: fc69eed4bdcc98ffa1b8ec6081e9e018
SHA1: c9c112c353908087e3520c9a36cd656b11cad3f4
SHA256: 9485ef0fd41cfa9c499db8806fcf9162709d6bfe0cc9e95d7c1737875c69923d
SHA512: d5e8750c8fa79445fadbaff247e1b50d3d9829abdb72ce00ed4a507035279cb4967f8bf68433cf27994e3739b33e92621c5092e9ea6100b04c543b3102ff7edb
SSDEEP: 12288:fy90uH3jrarcVdOnp1gNEowm8yliRIgrDiUdO01/ERSTCFc:fyTX3awoDgFtAWUdPcfC
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Tactic: Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)