General
- Target: 837238719ab68c7c8a8d6b3ca460830ef3e4f9592312a152240e06811c96724a
- Size: 703KB
- Sample: 241109-xsheyazjbz
- MD5: 0c72b01161008f45f7cad6d0c0ff3c3f
- SHA1: 2675a77ccb32bed449b30a32f6cc7a3e0a11f7f2
- SHA256: 837238719ab68c7c8a8d6b3ca460830ef3e4f9592312a152240e06811c96724a
- SHA512: 60ba7dc9d625058464b1ec93f7cde453db00f70937b4b608564acaa499c574f67eb65f0c12e4c1bd0d255bc036cf4a6ede4f5c848f90587fb19b7e7841cbc9e6
- SSDEEP: 12288:ty90RM25xFdCHJ+yvFgIrlzp1ICW48CQ3XjVTD0rkeaXiQBpx:tyEM25/dCpxRcG8CQ3TV2PHU
Static task: static1
Behavioral task: behavioral1
- Sample: 837238719ab68c7c8a8d6b3ca460830ef3e4f9592312a152240e06811c96724a.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 837238719ab68c7c8a8d6b3ca460830ef3e4f9592312a152240e06811c96724a
- Size: 703KB
- MD5: 0c72b01161008f45f7cad6d0c0ff3c3f
- SHA1: 2675a77ccb32bed449b30a32f6cc7a3e0a11f7f2
- SHA256: 837238719ab68c7c8a8d6b3ca460830ef3e4f9592312a152240e06811c96724a
- SHA512: 60ba7dc9d625058464b1ec93f7cde453db00f70937b4b608564acaa499c574f67eb65f0c12e4c1bd0d255bc036cf4a6ede4f5c848f90587fb19b7e7841cbc9e6
- SSDEEP: 12288:ty90RM25xFdCHJ+yvFgIrlzp1ICW48CQ3XjVTD0rkeaXiQBpx:tyEM25/dCpxRcG8CQ3TV2PHU
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)