General
-
Target
9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b
-
Size
564KB
-
Sample
241109-g5j7asymdx
-
MD5
59451f7316279638e4fd47a730c75615
-
SHA1
bb49e5aa62950dc549a8bb7a5524de25fbab11e7
-
SHA256
9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b
-
SHA512
24b9bc6c3aba01dc2fd52b9b55cb38bc20bd5322cfff9f1e710f5630d2e6ebc1e41e971139c1ef413b97232836f07f0c5c8b979bbb65d37085b3dc3edf434445
-
SSDEEP
12288:sy905yI5j9SBxsmetehLO+StsIOAzo03KBnMd2tPD4yrjy1v:sys1qs3teVOxtqsP3Klq2dMAjiv
Static task
static1
Behavioral task
behavioral1
Sample
9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b
-
Size
564KB
-
MD5
59451f7316279638e4fd47a730c75615
-
SHA1
bb49e5aa62950dc549a8bb7a5524de25fbab11e7
-
SHA256
9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b
-
SHA512
24b9bc6c3aba01dc2fd52b9b55cb38bc20bd5322cfff9f1e710f5630d2e6ebc1e41e971139c1ef413b97232836f07f0c5c8b979bbb65d37085b3dc3edf434445
-
SSDEEP
12288:sy905yI5j9SBxsmetehLO+StsIOAzo03KBnMd2tPD4yrjy1v:sys1qs3teVOxtqsP3Klq2dMAjiv
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)
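The behavioral signatures above ("Executes dropped EXE", "Adds Run key to start application") and the mapped ATT&CK technique (Registry Run Keys / Startup Folder) describe how this sample persists. The following PowerShell is an added triage example, not part of the sandbox report and not the sample's own code: it enumerates the Run/RunOnce keys and the Startup folders on a host, resolves each entry to an executable, and flags entries that either launch from a user-writable location or whose SHA256 matches the sample hash from this report. The list of user-writable roots and the path-extraction regex are assumptions made for the example; the report does not state which key, value name, or path the sample used.

```powershell
# Added triage example: hunt for Run-key / Startup-folder persistence and match
# discovered executables against the SHA256 reported for this sample.
$SampleSha256 = '9e21746fc6f8c5f733dc972f41d02b73b0836c40b83abc8ed3f6eb37e20f490b'

# Autostart registry locations (64-bit and WOW6432Node views, machine and user hives).
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Startup folders (current user and all users).
$StartupDirs = @(
    [Environment]::GetFolderPath('Startup'),
    [Environment]::GetFolderPath('CommonStartup')
)

# Assumed set of user-writable roots; a dropper typically lands somewhere here.
$SuspiciousRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC,
                     "$env:SystemDrive\ProgramData") | Where-Object { $_ }

function Get-ExecutableFromCommand {
    param([string]$Command)
    # Assumed heuristic: take the (optionally quoted) path up to the first ".exe";
    # this handles both "C:\Program Files\x.exe" /arg and C:\dir\x.exe /arg.
    if ($Command -match '^"?(.+?\.exe)') { return $Matches[1] }
    return ($Command -split ' ')[0]
}

function Test-Entry {
    param([string]$Location, [string]$Name, [string]$Exe)
    $fromUserWritable = $false
    foreach ($root in $SuspiciousRoots) {
        if ($Exe -like "$root*") { $fromUserWritable = $true }
    }
    $hash = $null
    if (Test-Path -LiteralPath $Exe -PathType Leaf) {
        $hash = (Get-FileHash -LiteralPath $Exe -Algorithm SHA256).Hash
    }
    [pscustomobject]@{
        Location         = $Location
        Name             = $Name
        Executable       = $Exe
        SHA256           = $hash
        UserWritablePath = $fromUserWritable
        MatchesSample    = ($hash -and ($hash -eq $SampleSha256))   # -eq is case-insensitive
    }
}

function Get-AutostartFindings {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -in 'PSPath','PSParentPath','PSChildName','PSDrive','PSProvider') { continue }
            $exe = Get-ExecutableFromCommand -Command ([string]$p.Value)
            Test-Entry -Location $key -Name $p.Name -Exe $exe
        }
    }
    foreach ($dir in $StartupDirs) {
        if (-not (Test-Path $dir)) { continue }
        foreach ($f in Get-ChildItem -LiteralPath $dir -File) {
            Test-Entry -Location $dir -Name $f.Name -Exe $f.FullName
        }
    }
}

# Report only entries worth a second look.
Get-AutostartFindings |
    Where-Object { $_.UserWritablePath -or $_.MatchesSample } |
    Format-Table -AutoSize
```

Run it in an elevated session so the HKLM views and the common Startup folder are readable. A match on `MatchesSample` is a hit on this exact file; `UserWritablePath` alone is only a lead, since legitimate updaters also autostart from `%LOCALAPPDATA%`, so confirm with the file's signature and creation time before acting. Windows-service persistence (the second technique listed above) is not covered by this check and needs a separate look at `Get-Service` / `HKLM:\SYSTEM\CurrentControlSet\Services`.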