General
Target: 144475372256312b0f6c6c6bc494f6e471960caf284019f6362e36749896e625
Size: 706KB
Sample: 241109-gn5fxayhjf
MD5: 52c15ac40bd8ce7828b9538f8d2fddb9
SHA1: 9125740cc51b7b1f5b2db6cf4edb97493bff0325
SHA256: 144475372256312b0f6c6c6bc494f6e471960caf284019f6362e36749896e625
SHA512: 292debfb43af70cfd0a9d2858502840156f89ad896f1431e139ba573219f2bce60850781e7963154025bc235eb828300b1f76a71e2ba1427c965bdacf083d219
SSDEEP: 12288:sy90ranMkYQy9uLkjRnHJ2lU4JsR8fwjhO8Ohq6a/ck86qrObI0:syZM/f0kj9HclUDnjhUE58Z0
Static task: static1
Behavioral task: behavioral1
Sample: 144475372256312b0f6c6c6bc494f6e471960caf284019f6362e36749896e625.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Signatures
- Detects Healer an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)