General
- Target: 3cdc30613e4bc554187c4fd25a68483d8ca904de1837c1e8444cc0e154922c74
- Size: 935KB
- Sample: 241109-x6s4la1anr
- MD5: 9c910e6b849bc760523a8e409cf5924e
- SHA1: 0e89cda1010bc50ae9a0f58b9bf5f0ae84963c5e
- SHA256: 3cdc30613e4bc554187c4fd25a68483d8ca904de1837c1e8444cc0e154922c74
- SHA512: 7e7fbd1e54b125950b8bbae312859a3eec2f459915cfbe45b15b11692acfa0034e49d71faebc019cbc51ea85b2cae1be8a25ae8e8bfea819347e710e1b94280e
- SSDEEP: 24576:nyklY/fQFZFhO9iVfsAA/0qSzKYTKA/yMLSFIZPXf8E789QaW:yklSQFGipB91pbu+flD
Static task: static1
Behavioral task: behavioral1
- Sample: 3cdc30613e4bc554187c4fd25a68483d8ca904de1837c1e8444cc0e154922c74.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 3cdc30613e4bc554187c4fd25a68483d8ca904de1837c1e8444cc0e154922c74 (935KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)