General
- Target: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6
- Size: 1.2MB
- Sample: 241109-xmscyssqaq
- MD5: 635987bd42588308271d96ec3efe0b1e
- SHA1: 1276360876ee33b3d7e4ba7dbc784edb527b861b
- SHA256: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6
- SHA512: 4242c5146fcb042cbac3b02547217869b21c5e3670f6a8277fd3e02a4688e7c92af8cfa316eb732fcaa9b790c21f69c9ece021f863c8529c38b968196a8c06c8
- SSDEEP: 24576:L0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:L0zNUYjkCcPoJgK3ss+y4bN
Static task: static1

Behavioral task: behavioral1
- Sample: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6.exe
- Resource: win7-20240903-en

Behavioral task: behavioral2
- Sample: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6.exe
- Resource: win10v2004-20241007-en
Malware Config

Targets
- Target: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6
- Size: 1.2MB
- MD5: 635987bd42588308271d96ec3efe0b1e
- SHA1: 1276360876ee33b3d7e4ba7dbc784edb527b861b
- SHA256: 9ce78a92c5c2c7dc8c151fde5cd9b124faff9e8c391b1577b45414ac8dbd3dc6
- SHA512: 4242c5146fcb042cbac3b02547217869b21c5e3670f6a8277fd3e02a4688e7c92af8cfa316eb732fcaa9b790c21f69c9ece021f863c8529c38b968196a8c06c8
- SSDEEP: 24576:L0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:L0zNUYjkCcPoJgK3ss+y4bN
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)