General
- Target: 113bcc9f97fd2df2cbe7ee37775e8995f57f2191d8612c78f2dcc9d821071462
- Size: 1.5MB
- Sample: 241109-fryl4a1lep
- MD5: 09339deecba900bf3bc4888bea1a262a
- SHA1: 9d6aa4b7abb8ee3d4fb2f6e13972d56a7854a3bd
- SHA256: 113bcc9f97fd2df2cbe7ee37775e8995f57f2191d8612c78f2dcc9d821071462
- SHA512: da282a5d3a7ce2faba428fb4b15fc472e09e19ed16b6dd9fcb156f3145ab014dc9e36bc17a9f8c4fa860bbb0ca6d775a10a2ec4940eefccc3b64829c97a0a37c
- SSDEEP: 24576:dyJaPda0RCXzPWmi4Y5p/56N1VxMJ7a1AnrhdHf5tRaJyLgX8c7z3:4JafwXbWmC0IJ71r/Hf5eggX84
Static task: static1
Behavioral task: behavioral1
- Sample: 113bcc9f97fd2df2cbe7ee37775e8995f57f2191d8612c78f2dcc9d821071462.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 113bcc9f97fd2df2cbe7ee37775e8995f57f2191d8612c78f2dcc9d821071462
- Size: 1.5MB
- MD5: 09339deecba900bf3bc4888bea1a262a
- SHA1: 9d6aa4b7abb8ee3d4fb2f6e13972d56a7854a3bd
- SHA256: 113bcc9f97fd2df2cbe7ee37775e8995f57f2191d8612c78f2dcc9d821071462
- SHA512: da282a5d3a7ce2faba428fb4b15fc472e09e19ed16b6dd9fcb156f3145ab014dc9e36bc17a9f8c4fa860bbb0ca6d775a10a2ec4940eefccc3b64829c97a0a37c
- SSDEEP: 24576:dyJaPda0RCXzPWmi4Y5p/56N1VxMJ7a1AnrhdHf5tRaJyLgX8c7z3:4JafwXbWmC0IJ71r/Hf5eggX84
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)