General
Target: 247c40bcc7cb6b04702a2185a607be174b5810ba5eec75b16953f7f9608b84c2
Size: 707KB
Sample: 241109-fv7zya1mdq
MD5: 9279973365f49d25069bdc74720f0584
SHA1: dc0442736708c299b63bed271150033f3eb5704b
SHA256: 247c40bcc7cb6b04702a2185a607be174b5810ba5eec75b16953f7f9608b84c2
SHA512: 608663225537a00ebf643b832dddcd4001ee356898eac69a042254164b5daa3c664256f8f9d59e2142ad4ea6ba43c8fe7dc1ced63b65d0da1d2ecebc946cf560
SSDEEP: 12288:ay90Xpc5FnZ1kzmI/4ibBn8f1XlDsA9KG8HX7uObm64/cm85Eu8xOS:aymkZ1Qmhibp8f1XloA965MOEdOS
Static task: static1
Behavioral task: behavioral1
Sample: 247c40bcc7cb6b04702a2185a607be174b5810ba5eec75b16953f7f9608b84c2.exe
Resource: win10v2004-20241007-en (Windows 10 version 2004, English-language analysis image)
Malware Config
Targets
Target: 247c40bcc7cb6b04702a2185a607be174b5810ba5eec75b16953f7f9608b84c2
Size: 707KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above; this is the same submitted file.
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15 (number in parentheses is the count of matching signatures)
Persistence
  Boot or Logon Autostart Execution, T1547 (1)
    Registry Run Keys / Startup Folder, T1547.001 (1)
  Create or Modify System Process, T1543 (1)
    Windows Service, T1543.003 (1)
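The two persistence techniques in the ATT&CK table above (Run key, T1547.001, which is what the "Adds Run key to start application" signature fires on, and Windows service installation, T1543.003) can be checked for on a host by watching registry value writes, and the hashes in the General section can be used as a plain IOC set. The script below does both. It is an added example and is not part of the sandbox report or of the sandbox's own tooling: the event records are constructed for the example, their field names (EventID, Image, TargetObject, Details) follow Sysmon Event ID 13 (RegistryEvent, Value Set), and the paths, SIDs and service name in them are made up.

```python
"""Host-side checks for the persistence indicators in this report.

Added example, not part of the original sandbox report. Covers Run-key
persistence (T1547.001), service installation (T1543.003) and a lookup of
observed hashes against the sample's hashes. All events below are constructed;
only the REPORT_IOCS values come from the report itself.
"""
import re

# Hashes copied from the report's General section; used as a simple IOC set.
REPORT_IOCS = {
    "md5": "9279973365f49d25069bdc74720f0584",
    "sha1": "dc0442736708c299b63bed271150033f3eb5704b",
    "sha256": "247c40bcc7cb6b04702a2185a607be174b5810ba5eec75b16953f7f9608b84c2",
}

# Autostart locations under HKLM/HKU, including the 32-bit view and the
# per-user Explorer policy Run key. T1547.001.
RUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
    r"(?:Run|RunOnce|Policies\\Explorer\\Run)\\",
    re.IGNORECASE,
)
# ImagePath of a service: written when a service is created or repointed. T1543.003.
SERVICE_IMAGE = re.compile(
    r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$",
    re.IGNORECASE,
)
# Directories a dropper can write to without elevation. An autostart entry that
# points here is more suspicious than one pointing under Program Files.
USER_WRITABLE = re.compile(
    r"^\"?[A-Z]:\\(?:Users\\[^\\]+\\AppData|Users\\Public|ProgramData|Windows\\Temp)\\",
    re.IGNORECASE,
)


def match_iocs(observed: dict) -> set:
    """Return the hash algorithms on which `observed` equals the report's sample."""
    return {alg for alg, digest in observed.items()
            if REPORT_IOCS.get(alg) == digest.lower()}


def classify_event(event: dict):
    """Return (technique_id, severity) for a Sysmon EID 13 event, or None."""
    if event.get("EventID") != 13:
        return None
    target = event.get("TargetObject", "")
    details = event.get("Details", "")
    if RUN_KEY.search(target):
        technique = "T1547.001"
    elif SERVICE_IMAGE.search(target):
        technique = "T1543.003"
    else:
        return None
    severity = "high" if USER_WRITABLE.search(details) else "medium"
    return technique, severity


def scan(events):
    """Return the events that look like persistence, annotated with the verdict."""
    hits = []
    for ev in events:
        verdict = classify_event(ev)
        if verdict:
            hits.append({**ev, "technique": verdict[0], "severity": verdict[1]})
    return hits


# Constructed events (hypothetical paths, SID and service name), not from the sandbox run.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": r"C:\Users\victim\Downloads\invoice.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\Updater\updater.exe"},
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\WinSvcHelper\ImagePath",
     "Details": r"C:\ProgramData\WinSvcHelper\svc.exe"},
    {"EventID": 13, "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r"C:\Program Files\Vendor\tray.exe"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"{hit['severity']:<6} {hit['technique']} {hit['TargetObject']} -> {hit['Details']}")
    print(match_iocs({"sha256": REPORT_IOCS["sha256"]}))
```

Run against the constructed events, the first three are flagged (the two user-writable targets as high, the Program Files entry as medium) and the unrelated Explorer setting is ignored. A real service registration shows services.exe as the writing Image, so the Details path, not the Image, is what carries the signal there; the same applies to Run keys written through reg.exe or PowerShell.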