General
- Target: 950c0d45f7a00c95176fd778078367b92717e293a9f4a1bb92cd42bdec041d2d
- Size: 706KB
- Sample: 241109-fraj9sxmhv
- MD5: 52ddac9d12b3bd939f9c767e89ec3662
- SHA1: 94b43e830bf0ff4048e80ee683f2d43c4532aff1
- SHA256: 950c0d45f7a00c95176fd778078367b92717e293a9f4a1bb92cd42bdec041d2d
- SHA512: 78e4f48f6d3882da7d788ec66afc51cdbbeda0c1d066d59ec933bfcd144e89dd8114e3bdaf5610a10fb610b847b604cde4a85f6b3c70c4d54bb6f5448fd517e0
- SSDEEP: 12288:Dy90j+4hGlCyXcFskPmsdZcIFrjonG3MpBX9WFTn1Nqu8VJG3xM83e:Dy9fl3cBnFrr340RgKBMAe
Static task: static1
Behavioral task: behavioral1
- Sample: 950c0d45f7a00c95176fd778078367b92717e293a9f4a1bb92cd42bdec041d2d.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)