General
-
Target
48cc54454ee664fec813186a25ca1adb9c88b947dd31c0c21c448fcf203b1a71
-
Size
725KB
-
Sample
241109-xs4ceasrck
-
MD5
33a8a6991ae8602c2fa2cd3726670b9f
-
SHA1
60e60b071dd5bd5ad5ace284593cae3ae86ba361
-
SHA256
48cc54454ee664fec813186a25ca1adb9c88b947dd31c0c21c448fcf203b1a71
-
SHA512
3af78100837cdfc0bd2be5f9c582da7499a921b0db4458af682b9762520c54547165ad7d94ec3449dc92a0fef217d13709705bec2756e07c673ee071a1657a3c
-
SSDEEP
12288:Sy90gVIo+8lvtGRdd8r6rIwjzwPSCOEoKUlEvKmsf:SyZV7BtRPSCOFK1Lg
Static task
static1
Behavioral task
behavioral1
Sample
48cc54454ee664fec813186a25ca1adb9c88b947dd31c0c21c448fcf203b1a71.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
48cc54454ee664fec813186a25ca1adb9c88b947dd31c0c21c448fcf203b1a71
-
Size
725KB
-
MD5
33a8a6991ae8602c2fa2cd3726670b9f
-
SHA1
60e60b071dd5bd5ad5ace284593cae3ae86ba361
-
SHA256
48cc54454ee664fec813186a25ca1adb9c88b947dd31c0c21c448fcf203b1a71
-
SHA512
3af78100837cdfc0bd2be5f9c582da7499a921b0db4458af682b9762520c54547165ad7d94ec3449dc92a0fef217d13709705bec2756e07c673ee071a1657a3c
-
SSDEEP
12288:Sy90gVIo+8lvtGRdd8r6rIwjzwPSCOEoKUlEvKmsf:SyZV7BtRPSCOFK1Lg
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1