General
Target: 24065be5dd94ca82e0c57d10781874c2ff0f070de86562f4693ceb57e670fc1d
Size: 727KB
Sample: 241109-fskrmaybqj
MD5: f0c0a0e75c82d5807d1609822fa94814
SHA1: e044c53e39304fa91b28e3a7506c4d671df2b388
SHA256: 24065be5dd94ca82e0c57d10781874c2ff0f070de86562f4693ceb57e670fc1d
SHA512: 055e06d6ca39493972bce52f7e4959910c1d748d9062285e2752ce2cc8fba5663c9eb3ef0da3df0eede1ed7b72014062715b0958cd1a0fddec01f318edc1f0ae
SSDEEP: 12288:zy90D3iOUCA6I7Gc5MLgyW3r9txWGnKMF9pcvhPbvUj4ZBkGwDo7hnTdAUxiWV24:zy2hUCA6gyWbFWCFHcvhreGFwsFnTxVX

Static task: static1
Behavioral task: behavioral1
Sample: 24065be5dd94ca82e0c57d10781874c2ff0f070de86562f4693ceb57e670fc1d.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)