General
Target: 2d6da7e210cb1137446c31dc828c7103435ae729582d3b3b0945cb3236ab4c02
Size: 827KB
Sample: 241109-fv6f4sycjc
MD5: a1456af07201f801ff813b0008b63032
SHA1: 2fa39dbf69aaff5fe44afbc1c1ea9d9968979d0d
SHA256: 2d6da7e210cb1137446c31dc828c7103435ae729582d3b3b0945cb3236ab4c02
SHA512: 82e9f992e690050cbb00e33b7a610187f6c5c6a82fe9b8b021010edeec64aaf0605ce1f7b4629a50a5b3b0e62c33d1c4224f803aa4012e775e36c496de482772
SSDEEP: 12288:fy90jxuHUH3HxwFtI+/NZrLiYBO74xmo7KRxZR5mVWQ65HG1X53C5rI:fyhHU6Ff/OYBAAmC6ZRPs1Jb

Static task: static1
Behavioral task: behavioral1
Sample: 2d6da7e210cb1137446c31dc828c7103435ae729582d3b3b0945cb3236ab4c02.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- 2d6da7e210cb1137446c31dc828c7103435ae729582d3b3b0945cb3236ab4c02 (827KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)