General
-
Target
2630fcdad04ad0268b03d275b2858adf70de35e7b16f4480c01516ff56f0c4f6
-
Size
920KB
-
Sample
241109-xr7cnszjbv
-
MD5
42851fd2767e257b0ac362d8877349cb
-
SHA1
8621a95ef0467f623496dc16ef15e73de5af1ade
-
SHA256
2630fcdad04ad0268b03d275b2858adf70de35e7b16f4480c01516ff56f0c4f6
-
SHA512
76126461f60d4d1fb7b21d8ad7524597e4a609d536669a9ea8e59f6ca37df0abed5db4cd1325c40d7ef754ef8378a2a56f3b8d180e777532fc679688aa7a4f5c
-
SSDEEP
24576:3yi9j9IlrlEbhQ6fkayKxrYNDbyiN7gcV:CiUrlEbW6aUEHV7
Static task
static1
Behavioral task
behavioral1
Sample
2630fcdad04ad0268b03d275b2858adf70de35e7b16f4480c01516ff56f0c4f6.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
2630fcdad04ad0268b03d275b2858adf70de35e7b16f4480c01516ff56f0c4f6
-
Size
920KB
-
MD5
42851fd2767e257b0ac362d8877349cb
-
SHA1
8621a95ef0467f623496dc16ef15e73de5af1ade
-
SHA256
2630fcdad04ad0268b03d275b2858adf70de35e7b16f4480c01516ff56f0c4f6
-
SHA512
76126461f60d4d1fb7b21d8ad7524597e4a609d536669a9ea8e59f6ca37df0abed5db4cd1325c40d7ef754ef8378a2a56f3b8d180e777532fc679688aa7a4f5c
-
SSDEEP
24576:3yi9j9IlrlEbhQ6fkayKxrYNDbyiN7gcV:CiUrlEbW6aUEHV7
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1