Extracted

• • Target

    80a7b2d443e4dddd1ff31cef8aaba7656261ac95860b4043694a46f88e0b0b9a

  • Size

    501KB

  • MD5

    bb4dceca6e61e5660e77cf8446cf7e18

  • SHA1

    3d36aaec56f6dcb4924a5d542cfb2e8d1630c4d6

  • SHA256

    80a7b2d443e4dddd1ff31cef8aaba7656261ac95860b4043694a46f88e0b0b9a

  • SHA512

    66237491d09a91965fcea363d9ebbfcfa0665f886122acb2666678269b3b1424905fe4699d2aed10c29cc2f6e53b2d06b2453152b24c11f49ff2fa81a00125f2

  • SSDEEP

    6144:Kzy+bnr+udp0yN90QEZqAx8DJODCdCi3NzSw5v3OXf0IVO6oSl9aWRavXvP8ZqV5:9MrhYy90/aJkCDIY3ItavbWe

  Score

  10^/10

  healerredlinefukiadiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1