General
Target: 39a0c4fec134183ea4d8ad807f172fc834f74394a1571ea1aba6d3a30815b5d8
Size: 695KB
Sample: 241109-fsg1qsxna1
MD5: 6ec56fd25b306a2f21bf2f03bd8e3d76
SHA1: 90cacb113bf89139b74c090e4ce2e690e74f5a37
SHA256: 39a0c4fec134183ea4d8ad807f172fc834f74394a1571ea1aba6d3a30815b5d8
SHA512: ad436fdb4f83a580e7da9c3e3e97ef3f6bc978f41e107ed362509f51c8c8d5cc9e196a9047dcbe31662d6f3fa6739abb75231dec1c50c188deb4d4930f03e638
SSDEEP: 12288:ny90ITK4lBAOWe/NNPYl9jw65ATU+0hoX4ZCU55vleu2Kq9ojOQa:nyVbqKNNgl9jRh84ZCUpWKqyjOQa
Static task: static1

Behavioral task: behavioral1
Sample: 39a0c4fec134183ea4d8ad807f172fc834f74394a1571ea1aba6d3a30815b5d8.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 39a0c4fec134183ea4d8ad807f172fc834f74394a1571ea1aba6d3a30815b5d8
Signatures:
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)