General
- Target: b82b09699be0fb40ee7f4186f091be0eb3e17873c67d2b6640d5ce2082a12bab
- Size: 569KB
- Sample: 241109-x5jtjatkcr
- MD5: 62d2249da3b42ff82ec54b62dd0eb600
- SHA1: d3744461b63d564cdd377ac7cdb9226a0b1a6423
- SHA256: b82b09699be0fb40ee7f4186f091be0eb3e17873c67d2b6640d5ce2082a12bab
- SHA512: 2bbe7f84dc81e779889f5a55a8c5160d2ab9b05352c5da7676edf53411b2c1fc590c55103471d465ac2529b9d3958c8bc714e54b5be4c45d02e73bfb5348df6d
- SSDEEP: 12288:4y90r8iI7b3aStkwB5QHYEYIPE3d3n9Y8L0LTB/rYL1WqLNvzT:4yY8iInptist3nfLY0sqL1
Static task: static1
Behavioral task: behavioral1
- Sample: b82b09699be0fb40ee7f4186f091be0eb3e17873c67d2b6640d5ce2082a12bab.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)