General
Target: 26a1f35a1da183bfa87d517023921bfb6811806e48c7777bae97ffaf22a20ea1
Size: 706KB
Sample: 241109-xt26qszgmp
MD5: 4f74c5772ffae4a50a9d56a2e426fc58
SHA1: 9979c536414a0b25eed29641ca8569cae83741d4
SHA256: 26a1f35a1da183bfa87d517023921bfb6811806e48c7777bae97ffaf22a20ea1
SHA512: 605a3d26995cbc27e63a463012e0ba9d795aca6f86966afc7e3ee74213cfd557a883c2f909ec3cadbbf939c614d13cb557aedd8436581e30984c0b702a340447
SSDEEP: 12288:Ky90E2S4dQgA1bUnXMCfAIHDskgXHPZeXwX5xJ7hxeGu9Dj/N3iFh7r:Kya1QMdXDsHHkwX5xJl/udj/Bi7r
Static task: static1
Behavioral task: behavioral1
  Sample: 26a1f35a1da183bfa87d517023921bfb6811806e48c7777bae97ffaf22a20ea1.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 26a1f35a1da183bfa87d517023921bfb6811806e48c7777bae97ffaf22a20ea1
Size: 706KB
MD5: 4f74c5772ffae4a50a9d56a2e426fc58
SHA1: 9979c536414a0b25eed29641ca8569cae83741d4
SHA256: 26a1f35a1da183bfa87d517023921bfb6811806e48c7777bae97ffaf22a20ea1
SHA512: 605a3d26995cbc27e63a463012e0ba9d795aca6f86966afc7e3ee74213cfd557a883c2f909ec3cadbbf939c614d13cb557aedd8436581e30984c0b702a340447
SSDEEP: 12288:Ky90E2S4dQgA1bUnXMCfAIHDskgXHPZeXwX5xJ7hxeGu9Dj/N3iFh7r:Kya1QMdXDsHHkwX5xJl/udj/Bi7r
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15 (count of matching signatures in parentheses)
Persistence
  Boot or Logon Autostart Execution, T1547 (1)
    Registry Run Keys / Startup Folder, T1547.001 (1)
  Create or Modify System Process, T1543 (1)
    Windows Service, T1543.003 (1)
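The two persistence rows above, a Run key entry and a Windows service binary, are the host-side artifacts a detection engineer would hunt for after a report like this. The following is an added example, not part of the sandbox report and not code from the Healer or RedLine analyses: it runs a simple check over Sysmon Event ID 13 (RegistryEvent, value set) records and flags autostart writes where either the program being registered or the process doing the registering lives in a user-writable directory, the usual dropper pattern. The records are constructed for the example in a flat `key=value|key=value` export form (the SIDs, paths and file names are made up), and the list of user-writable directories is an assumption to tune for your environment.

```python
import re
from dataclasses import dataclass

# Registry value paths that start a program at boot/logon (ATT&CK T1547.001)
# or define a service binary (T1543.003). Sysmon reports user hives as
# HKU\<SID>\... and the machine hive as HKLM\...; match case-insensitively.
AUTOSTART_PATTERNS = [
    (re.compile(r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$", re.I),
     "T1547.001 Registry Run Keys / Startup Folder"),
    (re.compile(r"^HKLM\\System\\(?:CurrentControlSet|ControlSet\d+)\\Services\\[^\\]+\\ImagePath$", re.I),
     "T1543.003 Windows Service"),
]

# Directories a standard user can write to (assumption: extend for your estate).
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\", "\\downloads\\")

# Constructed Sysmon Event ID 13 records in a flat export format; not real telemetry.
SAMPLE_EVENTS = [
    # 1: dropper in %TEMP% registers a copy of itself under the user's Run key
    r'EventType=SetValue|Image=C:\Users\bob\AppData\Local\Temp\stage2.exe'
    r'|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\updater'
    r'|Details="C:\Users\bob\AppData\Roaming\updater.exe" -silent',
    # 2: benign machine-wide Run entry written by the Windows Installer service
    r'EventType=SetValue|Image=C:\Windows\System32\msiexec.exe'
    r'|TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray'
    r'|Details="C:\Program Files\Vendor\tray.exe"',
    # 3: new service whose binary lives in ProgramData
    r'EventType=SetValue|Image=C:\Windows\System32\services.exe'
    r'|TargetObject=HKLM\System\CurrentControlSet\Services\svcupd\ImagePath'
    r'|Details=C:\ProgramData\svcupd\svc.exe',
    # 4: unrelated registry write, must be ignored
    r'EventType=SetValue|Image=C:\Windows\explorer.exe'
    r'|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Vendor\Settings\Theme'
    r'|Details=dark',
    # 5: registered binary looks clean, but the writer runs from Downloads
    r'EventType=SetValue|Image=C:\Users\bob\Downloads\invoice.exe'
    r'|TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\cleanup'
    r'|Details="C:\Program Files\Common Files\cleanup.exe"',
]


@dataclass
class Finding:
    technique: str
    writer: str      # process that set the value (Sysmon Image field)
    key: str         # registry value that was written (TargetObject)
    launches: str    # binary the autostart entry will execute
    reasons: list


def parse_event(line: str) -> dict:
    """Parse one 'k=v|k=v' record into a dict (the constructed export format)."""
    return dict(field.split("=", 1) for field in line.split("|"))


def classify(target: str):
    """Return the ATT&CK technique for an autostart registry path, else None."""
    for pattern, technique in AUTOSTART_PATTERNS:
        if pattern.search(target):
            return technique
    return None


def launched_binary(details: str) -> str:
    """Extract the executable from an autostart value: quoted path, else first token.
    Caveat: an unquoted path containing spaces is truncated at the first space."""
    m = re.match(r'"([^"]+)"', details)
    return m.group(1) if m else details.split(" ", 1)[0]


def is_user_writable(path: str) -> bool:
    p = path.lower()
    return any(marker in p for marker in USER_WRITABLE)


def analyze(lines):
    """Flag autostart writes whose target or writer sits in a user-writable directory."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventType") != "SetValue":
            continue
        technique = classify(ev.get("TargetObject", ""))
        if technique is None:
            continue
        binary = launched_binary(ev.get("Details", ""))
        writer = ev.get("Image", "")
        reasons = []
        if is_user_writable(binary):
            reasons.append("autostart target in user-writable directory")
        if is_user_writable(writer):
            reasons.append("value written by a process running from a user-writable directory")
        if reasons:
            findings.append(Finding(technique, writer, ev["TargetObject"], binary, reasons))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_EVENTS):
        print(f"{f.technique}: {f.key} -> {f.launches} [{'; '.join(f.reasons)}] written by {f.writer}")
```

Checking the writer as well as the written value matters: a dropper that registers a legitimately located binary (event 5) would otherwise slip past a rule that only inspects the Run value's data. The ProgramData marker will also catch some legitimate software; treat it as a triage signal rather than a verdict.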