General
-
Target
83ece28cd700edcc1deea5801493ad1ff545f48073cb4bd3cf495037ee0eafa0
-
Size
479KB
-
Sample
241109-x6al9atken
-
MD5
7e755bb7429271434344a0ebfbd9cf8d
-
SHA1
07f8c7f8cbb86d11d87f1202dbe6fbff3ad79255
-
SHA256
83ece28cd700edcc1deea5801493ad1ff545f48073cb4bd3cf495037ee0eafa0
-
SHA512
b9899eeb32d347b300f6aa8081890173b1dd9dd69c9d3f566417c20341b3b1835d8d259037c627881204c09e0d9d901d87cdf0c088baf7e17d9e05c2b0302911
-
SSDEEP
6144:KHy+bnr+Ap0yN90QESsbz0u4whYUhykH04Qb9p7ufv0DQF0IoKFtJ:hMr4y907n0u2wykHBQbXkv0DE0IRFtJ
Static task
static1
Behavioral task
behavioral1
Sample
83ece28cd700edcc1deea5801493ad1ff545f48073cb4bd3cf495037ee0eafa0.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)