General
- Target: 998501f9fe9d5952fe6133c7381bd195e5ee18db4e9abdfb1746ceb9a7360fc5
- Size: 706KB
- Sample: 241109-gt43bssjgr
- MD5: 7c9d8bf30191d060d7b84b720fd27197
- SHA1: 452daeaf47c1ef21093f3b5cdfb850e88628b41b
- SHA256: 998501f9fe9d5952fe6133c7381bd195e5ee18db4e9abdfb1746ceb9a7360fc5
- SHA512: c6299fc6339a3799fbaa3913c7255cbd54a06a74e6316546f7b6d5b2d2f84ec72e6bf9505b27474b78fd24beb05a0f281c544782775dfda97835eeebdc2f856f
- SSDEEP: 12288:2y90BGpsD1PTt+atYjPERalYrzEv6XGzwnfDO3n64/cS8Asbe1bkKaOsi:2yFpsDFgatHwl0EvQKm6ttoedN
Static task: static1
Behavioral task: behavioral1
- Sample: 998501f9fe9d5952fe6133c7381bd195e5ee18db4e9abdfb1746ceb9a7360fc5.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 998501f9fe9d5952fe6133c7381bd195e5ee18db4e9abdfb1746ceb9a7360fc5
- Size: 706KB
- MD5: 7c9d8bf30191d060d7b84b720fd27197
- SHA1: 452daeaf47c1ef21093f3b5cdfb850e88628b41b
- SHA256: 998501f9fe9d5952fe6133c7381bd195e5ee18db4e9abdfb1746ceb9a7360fc5
- SHA512: c6299fc6339a3799fbaa3913c7255cbd54a06a74e6316546f7b6d5b2d2f84ec72e6bf9505b27474b78fd24beb05a0f281c544782775dfda97835eeebdc2f856f
- SSDEEP: 12288:2y90BGpsD1PTt+atYjPERalYrzEv6XGzwnfDO3n64/cS8Asbe1bkKaOsi:2yFpsDFgatHwl0EvQKm6ttoedN
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
- Create or Modify System Process: 1
- Windows Service: 1