General
Target: 9fb4cda1ca0fabdf19d3700029171390e96cba0ad8a64ae99234984a3883d5d2
Size: 1.5MB
Sample: 241109-xppd3syret
MD5: 2d1b1a0bac53f7769d12c28a4be6fd99
SHA1: 99306962603925fdbdb3dd14fe5c2fe85324e9cb
SHA256: 9fb4cda1ca0fabdf19d3700029171390e96cba0ad8a64ae99234984a3883d5d2
SHA512: 96b0a34c0f72e9c6799ed000512d404712c4fd31c0a49bb4a5c969ae85f7181a5f2a5031d68118265533bc5f96a2a1d90548d353d16c1aff09210409680684d4
SSDEEP: 24576:QyStCma6oQvRd9M5zujtmhIwClzm1+cQZpL7WX2NqRf3rNvE:XSwX6D/92ujtmhpazd6XCivrN
Static task: static1
Behavioral task: behavioral1
Sample: 9fb4cda1ca0fabdf19d3700029171390e96cba0ad8a64ae99234984a3883d5d2.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 9fb4cda1ca0fabdf19d3700029171390e96cba0ad8a64ae99234984a3883d5d2
Size: 1.5MB
(MD5, SHA1, SHA256, SHA512 and SSDEEP are identical to the values listed under General.)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (1)
- Create or Modify System Process: Windows Service (1)