General

Target: 2accc039282d5a8aa07dad252a6e5a1f45ec3f039a6f11f103e0db2eee18daab
Size: 563KB
Sample: 241109-xtlhzszglr
MD5: 7e8771f31342b7c26c406a362709e07f
SHA1: d1ff9d50eab58c2a280288165bb9f29541ceecf6
SHA256: 2accc039282d5a8aa07dad252a6e5a1f45ec3f039a6f11f103e0db2eee18daab
SHA512: 9cd49084b566de64050a0db467e1e9933c1062e1134f41ce4be0f8c82faf5b932f02d22debbc89b40be82bed8142947c1cd7a02d25f56bc6cd54f5402965507e
SSDEEP: 12288:Wy90qchbhM8xU0JgvI5MvW36L2d6JHS5FLNWoaRG4M:WyJ3wUnvI5Mvu6Lm6lSzaS

Static task
static1

Behavioral task
behavioral1
Sample: 2accc039282d5a8aa07dad252a6e5a1f45ec3f039a6f11f103e0db2eee18daab.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 2accc039282d5a8aa07dad252a6e5a1f45ec3f039a6f11f103e0db2eee18daab
Size: 563KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: as listed under General above (same file).
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution > Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process > Windows Service (T1543.003): 1
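The two behavioural signatures this report raises, "Executes dropped EXE" and "Adds Run key to start application" (the latter mapped to T1547.001 above), are the ones a detection engineer would want to reproduce on endpoint telemetry rather than only read in a sandbox verdict. The following is an added example, not code from the sandbox vendor or from this report: it runs both checks over Sysmon-shaped events (EventID 1 ProcessCreate, 11 FileCreate, 13 RegistryEvent value set, with the standard Sysmon field names Image, ParentImage, TargetFilename, TargetObject, Details). The event records, file paths and registry value name are constructed for the example and are not observations from this sample's run.

```python
import re
from dataclasses import dataclass

# Autostart locations behind the "Adds Run key to start application" signature,
# i.e. ATT&CK T1547.001 (Registry Run Keys / Startup Folder). Run and RunOnce
# under HKLM, HKCU and HKU\<sid> all share this suffix.
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)\\", re.IGNORECASE
)


@dataclass
class Finding:
    signature: str  # report signature name the event matches
    technique: str  # ATT&CK sub-technique ID, or "" where the report maps none
    image: str      # process that performed the action
    detail: str


def detect_run_key_persistence(events):
    """Flag Sysmon EventID 13 (registry value set) writes into Run/RunOnce keys."""
    findings = []
    for ev in events:
        if ev.get("EventID") == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            findings.append(Finding(
                "Adds Run key to start application", "T1547.001",
                ev["Image"], f"{ev['TargetObject']} = {ev.get('Details', '')}"))
    return findings


def detect_dropped_exe_execution(events):
    """Flag a process whose image file was written earlier in the same trace
    (EventID 11 FileCreate of an .exe followed by EventID 1 ProcessCreate of it)."""
    dropped = {}  # lower-cased path -> process that wrote the file
    findings = []
    for ev in events:  # events are assumed to be in chronological order
        if ev.get("EventID") == 11 and ev.get("TargetFilename", "").lower().endswith(".exe"):
            dropped[ev["TargetFilename"].lower()] = ev["Image"]
        elif ev.get("EventID") == 1 and ev.get("Image", "").lower() in dropped:
            writer = dropped[ev["Image"].lower()]
            findings.append(Finding(
                "Executes dropped EXE", "",
                ev["Image"], f"written by {writer}, parent {ev.get('ParentImage', '?')}"))
    return findings


def analyze(events):
    """Run both detections; returns findings keyed by report signature name."""
    return {
        "Executes dropped EXE": detect_dropped_exe_execution(events),
        "Adds Run key to start application": detect_run_key_persistence(events),
    }


# Constructed trace (hypothetical paths and value name, not from the sandbox run):
# sample drops a second EXE, runs it, and that EXE registers itself under HKU\...\Run.
SAMPLE = r"C:\Users\Admin\AppData\Local\Temp\sample.exe"
DROPPED = r"C:\Users\Admin\AppData\Local\Temp\svcupdate.exe"
CONSTRUCTED_EVENTS = [
    {"EventID": 1, "Image": SAMPLE, "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROPPED},
    {"EventID": 1, "Image": DROPPED, "ParentImage": SAMPLE},
    {"EventID": 13, "Image": DROPPED,
     "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run\svcupdate",
     "Details": DROPPED},
    # Benign registry write by Explorer: same hive, not an autostart location.
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]

if __name__ == "__main__":
    for signature, findings in analyze(CONSTRUCTED_EVENTS).items():
        for f in findings:
            print(f"[{signature}] {f.technique or 'n/a'} {f.image}: {f.detail}")
```

The dropped-EXE check deliberately keys on the file-create event rather than on the Temp directory name, so a payload written anywhere on disk and then started is caught, while legitimate installers that run an already-present binary are not. The Windows Service row in the ATT&CK table above (T1543.003) is not covered here because the report lists no service-related signature to anchor a rule on.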