General
- Target: 80f08ddcf129233f3731597c5ef6c6a2abf805a0d62727ec1db7a1a73e21ce29
- Size: 829KB
- Sample: 241109-gta49asjfn
- MD5: 2ce5496eb967fad94a799d81ad8df38b
- SHA1: 2ac400538285cf724f5e7fa6bc92f8d7e9685ff2
- SHA256: 80f08ddcf129233f3731597c5ef6c6a2abf805a0d62727ec1db7a1a73e21ce29
- SHA512: 2e00075f0e44533666c7996d3ad5d3f80f03a3b18cbfc8607611c9a31e1909b69357685f601516c3e998497ec7c4fb99b141767558be4943ec01eb194bcfba55
- SSDEEP: 12288:ryy90SNx1F0GzCgRiDW7HSb9ZwQlnQ71QcdE4cY8X0SHdFGOO9kvuAiPQZpSwQdf:myZCxW7HKJiXE40Xl9tvuk3w
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 80f08ddcf129233f3731597c5ef6c6a2abf805a0d62727ec1db7a1a73e21ce29.exe
  - Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 80f08ddcf129233f3731597c5ef6c6a2abf805a0d62727ec1db7a1a73e21ce29 (Size: 829KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)