General
Target: b4862d5cab448b8b82645be99142d30f098a15a1e04d44668b017b1728973438
Size: 376KB
Sample: 241109-ftcseaybpf
MD5: 181d6bf1328831d5577b586c18cb3b2b
SHA1: eb1b88c1aa96b05b86c64e39ea3d8e077de6a53e
SHA256: b4862d5cab448b8b82645be99142d30f098a15a1e04d44668b017b1728973438
SHA512: 2aa77f8c320e902eae0eec7d1fef9852eae85411cb048f16303f372d491395957947709e2ea4058e809f9bbe18af062a1cf58058517231cb92c177fd632c513b
SSDEEP: 6144:Kqy+bnr+Wp0yN90QEbcxHODW8HmDqd88MPYhuYR5QqhfQq+7P1Ix5bH6L8CqdQfU:iMrSy905cHWWSi8MgUYjQgQq+jS5L6Lq
Static task: static1
Behavioral task: behavioral1
Sample: b4862d5cab448b8b82645be99142d30f098a15a1e04d44668b017b1728973438.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)