General
- Target: ad2d9e0a510ddc1d0702eaf7ed5a6837fa29bbe720d338b980b68a7fe7167cc2
- Size: 746KB
- Sample: 241109-x4f19a1akk
- MD5: e9554b51d7656459bbdbeae8805ec4f4
- SHA1: 60b7abbb34c376c7d57eab2d7724e66787c135bc
- SHA256: ad2d9e0a510ddc1d0702eaf7ed5a6837fa29bbe720d338b980b68a7fe7167cc2
- SHA512: fa427d3249cfaa5c27b919134b8c46136cf2da57c73d0547bd4cd9ca0e0e28b34a9f40ce5123ee5d1b6dfd6b2ab13a6190c3c2c0dba729abbff3e7854277ed93
- SSDEEP: 12288:my9064HXRP2fa09TG9PkqOnI/XLBbiGKfooGywZ+dnh59+9ewBt9XZ0Qw8ZDMWib:myE3RP2y0aPkrgXLEGqrHdnh597Q9X7C
Static task: static1
Behavioral task: behavioral1
- Sample: ad2d9e0a510ddc1d0702eaf7ed5a6837fa29bbe720d338b980b68a7fe7167cc2.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)