General
-
Target
bc74c13f16ae5b3672ed4a7a6ad3b9bc3f4e19f186a3b1835da71950378c036d
-
Size
706KB
-
Sample
241109-xswybszfrb
-
MD5
5ca31c39cd15fad7dcd017eb6a21155a
-
SHA1
c46ae8e8b8d3c99de12c6ce8dc8e9504d0050cda
-
SHA256
bc74c13f16ae5b3672ed4a7a6ad3b9bc3f4e19f186a3b1835da71950378c036d
-
SHA512
7817730b44a8324c82bdab53e422dfd7727b7b073c6182ae1eac2e59f2da95cfad1ce7de831b4d60cfb4d2cfc55f732c645dce4a3b29a39c7d1ee360847c2873
-
SSDEEP
12288:Sy90C6MYidfirSQ8KbQSksmgyPq+51drVJY8c02hZ/02T5DvL:Syb61pZ+DyurVTcJcw5Dj
Static task
static1
Behavioral task
behavioral1
Sample
bc74c13f16ae5b3672ed4a7a6ad3b9bc3f4e19f186a3b1835da71950378c036d.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
bc74c13f16ae5b3672ed4a7a6ad3b9bc3f4e19f186a3b1835da71950378c036d
-
Size
706KB
-
MD5
5ca31c39cd15fad7dcd017eb6a21155a
-
SHA1
c46ae8e8b8d3c99de12c6ce8dc8e9504d0050cda
-
SHA256
bc74c13f16ae5b3672ed4a7a6ad3b9bc3f4e19f186a3b1835da71950378c036d
-
SHA512
7817730b44a8324c82bdab53e422dfd7727b7b073c6182ae1eac2e59f2da95cfad1ce7de831b4d60cfb4d2cfc55f732c645dce4a3b29a39c7d1ee360847c2873
-
SSDEEP
12288:Sy90C6MYidfirSQ8KbQSksmgyPq+51drVJY8c02hZ/02T5DvL:Syb61pZ+DyurVTcJcw5Dj
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1