General
-
Target
406e52d271161d7045f61c8d0f7acfcb5233bf077729d8de454b55cbe3c7365f
-
Size
560KB
-
Sample
241109-fx2kyaxpa1
-
MD5
e3c0ba04f86de1673b0916cc5d9b7c27
-
SHA1
93be082b2618a3192192c7180c3bc4b1029e3835
-
SHA256
406e52d271161d7045f61c8d0f7acfcb5233bf077729d8de454b55cbe3c7365f
-
SHA512
1c1dfae5460b5eb1e05a3b927ea78e7b8c399b0331c68768e3618535a7ce3c13078dea2d15573d2e23fc02c09a0866e75a8b3dbcc278a8bbe6cc1435280d79c6
-
SSDEEP
12288:Hy90QtYMWOEQyU/Xz36Z+phXtXFT61BJudVJQhV8diM:HyXY9OOU/j36kHEj3VMiM
Static task
static1
Behavioral task
behavioral1
Sample
406e52d271161d7045f61c8d0f7acfcb5233bf077729d8de454b55cbe3c7365f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
406e52d271161d7045f61c8d0f7acfcb5233bf077729d8de454b55cbe3c7365f
-
Size
560KB
-
MD5
e3c0ba04f86de1673b0916cc5d9b7c27
-
SHA1
93be082b2618a3192192c7180c3bc4b1029e3835
-
SHA256
406e52d271161d7045f61c8d0f7acfcb5233bf077729d8de454b55cbe3c7365f
-
SHA512
1c1dfae5460b5eb1e05a3b927ea78e7b8c399b0331c68768e3618535a7ce3c13078dea2d15573d2e23fc02c09a0866e75a8b3dbcc278a8bbe6cc1435280d79c6
-
SSDEEP
12288:Hy90QtYMWOEQyU/Xz36Z+phXtXFT61BJudVJQhV8diM:HyXY9OOU/j36kHEj3VMiM
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1