General
- Target: 085a10ae75dacc576fbc84877fa7875d7a418aa74267d6c678e83933b9c418d2
- Size: 1.1MB
- Sample: 241109-xpff6ssqek
- MD5: eba56791b7d129daf9230e3bcb1ebe2a
- SHA1: 19f26dbdbb20630cf539a646b8c0d3aff00f154a
- SHA256: 085a10ae75dacc576fbc84877fa7875d7a418aa74267d6c678e83933b9c418d2
- SHA512: c0ce318390f60d55fc2996214b7819b585bda148ce3fef6e695173d6f3f82f40632cca8fff1250434acf09036ae852306e48f9a10533f6dc2f9e2a9318856fe7
- SSDEEP: 24576:Ayyxn8eIlImBIw3bSUpwJ3wO5wc2NNhwgYHt:Hb+mB3Xwn5wbNNagI
Static task: static1
Behavioral task: behavioral1
Sample: 085a10ae75dacc576fbc84877fa7875d7a418aa74267d6c678e83933b9c418d2.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 085a10ae75dacc576fbc84877fa7875d7a418aa74267d6c678e83933b9c418d2
- Size: 1.1MB
- MD5: eba56791b7d129daf9230e3bcb1ebe2a
- SHA1: 19f26dbdbb20630cf539a646b8c0d3aff00f154a
- SHA256: 085a10ae75dacc576fbc84877fa7875d7a418aa74267d6c678e83933b9c418d2
- SHA512: c0ce318390f60d55fc2996214b7819b585bda148ce3fef6e695173d6f3f82f40632cca8fff1250434acf09036ae852306e48f9a10533f6dc2f9e2a9318856fe7
- SSDEEP: 24576:Ayyxn8eIlImBIw3bSUpwJ3wO5wc2NNhwgYHt:Hb+mB3Xwn5wbNNagI
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)