General

Target: a6fbbe8dfe6edf50ba7a2958c71156b369aa3dcce347048a61331e1d63e0f987
Size: 563KB
Sample: 241109-gy3p3azane
MD5: 50a5d0fa003c141eaa61f90df900de7f
SHA1: e2ccd676f700ff7e4832e065ca9c91033002606d
SHA256: a6fbbe8dfe6edf50ba7a2958c71156b369aa3dcce347048a61331e1d63e0f987
SHA512: cb2bf8863f3a58f14c7cdceebc5323c523ad0c91ae2be6ea1db63a0f83eae05c4215a838ebee4245293a955133424ab86f040f9042b732a54255a77ef2c9b631
SSDEEP: 12288:2y90hxw5gXovPJi38EfEpN7a0rWea3i/MVg:2yse5NvkMEfmNh5x/8g
Static task: static1
Behavioral task: behavioral1
Sample: a6fbbe8dfe6edf50ba7a2958c71156b369aa3dcce347048a61331e1d63e0f987.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: a6fbbe8dfe6edf50ba7a2958c71156b369aa3dcce347048a61331e1d63e0f987
Size: 563KB
MD5: 50a5d0fa003c141eaa61f90df900de7f
SHA1: e2ccd676f700ff7e4832e065ca9c91033002606d
SHA256: a6fbbe8dfe6edf50ba7a2958c71156b369aa3dcce347048a61331e1d63e0f987
SHA512: cb2bf8863f3a58f14c7cdceebc5323c523ad0c91ae2be6ea1db63a0f83eae05c4215a838ebee4245293a955133424ab86f040f9042b732a54255a77ef2c9b631
SSDEEP: 12288:2y90hxw5gXovPJi38EfEpN7a0rWea3i/MVg:2yse5NvkMEfmNh5x/8g
Signatures

Detects Healer, an antivirus disabler dropper
Healer family
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1): Windows Service (1)