General
-
Target
636858725f677267d66a8fb9549ed1c706fcdf5356184a410a52248c331b0784
-
Size
560KB
-
Sample
241109-fw7essxnhv
-
MD5
aee77e2e41c01cfc532b27e41a49207a
-
SHA1
df86854e09c48d79a9433f36c4135952a463e5aa
-
SHA256
636858725f677267d66a8fb9549ed1c706fcdf5356184a410a52248c331b0784
-
SHA512
c1057471370bdee80fd792984ca2142ead01fd02fd9b5f024c434dc11aa1181b9ee6098d4511efc85f4ea84294b7067868fe6c9e8d54d60a5ca4455556436fc5
-
SSDEEP
12288:3y904FsbhN8I2JgpgYRpwGGaLcsYX/YobRcHxJr4Kcl:3ynSp2JgpDbtGa3IcRJrzcl
Static task
static1
Behavioral task
behavioral1
Sample
636858725f677267d66a8fb9549ed1c706fcdf5356184a410a52248c331b0784.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
636858725f677267d66a8fb9549ed1c706fcdf5356184a410a52248c331b0784
-
Size
560KB
-
MD5
aee77e2e41c01cfc532b27e41a49207a
-
SHA1
df86854e09c48d79a9433f36c4135952a463e5aa
-
SHA256
636858725f677267d66a8fb9549ed1c706fcdf5356184a410a52248c331b0784
-
SHA512
c1057471370bdee80fd792984ca2142ead01fd02fd9b5f024c434dc11aa1181b9ee6098d4511efc85f4ea84294b7067868fe6c9e8d54d60a5ca4455556436fc5
-
SSDEEP
12288:3y904FsbhN8I2JgpgYRpwGGaLcsYX/YobRcHxJr4Kcl:3ynSp2JgpDbtGa3IcRJrzcl
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1