General
- Target: 432d7cbf11d89a37ba95b50360d24e58e2ab1f48332556ba86503e2701f1ba32
- Size: 935KB
- Sample: 241109-xn1qqasqdm
- MD5: 5d02e6a16e0697669ffd2a728f737dc5
- SHA1: 0dccfce52822ddfbcf36a75f4713a8f58b46c61c
- SHA256: 432d7cbf11d89a37ba95b50360d24e58e2ab1f48332556ba86503e2701f1ba32
- SHA512: 5b08581afb03fc4ffc3a129d71c0830a9e12a9b45effd898b7a1aed28467080632a24ee02d46e618e3387fb218809ebff904c084f8f5c7a7bbc7689944be593b
- SSDEEP: 24576:4y9ssVIDVzxZNRNwIO/amMzMzAfv9ajGOcGZoWYQA:/ismVrPNhlzM0u
Static task: static1
Behavioral task: behavioral1
- Sample: 432d7cbf11d89a37ba95b50360d24e58e2ab1f48332556ba86503e2701f1ba32.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets: the sample identified under General above (same Target, Size, MD5, SHA1, SHA256, SHA512 and SSDEEP values).
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1)
    - Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1)
    - Windows Service (1)