General
Target: fae128cca9757c64220cc2e7dec9bf1a8af2db0f4af2331386071b4421c6e006
Size: 923KB
Sample: 241109-y2a8natqck
MD5: 5e741757cfe52c3898ad2aa44e9f531c
SHA1: 2fca5fa71e7fc63f9cb57ba5f3ba31c50ab11359
SHA256: fae128cca9757c64220cc2e7dec9bf1a8af2db0f4af2331386071b4421c6e006
SHA512: cea3dc9db09ca7549dca698341149867e9fad3652bc8d74a66802fbfad5a49c9c68d09edecb22ea339224bd546a64b53c84ee3de80a5bbd598ec0c87401fa464
SSDEEP: 24576:my6VTcX7yD35nbLqD7fD0HRRsVyiwD9RnI:1PryDJnXqHfDAsVM9R
Static task: static1
Behavioral task: behavioral1
Sample: fae128cca9757c64220cc2e7dec9bf1a8af2db0f4af2331386071b4421c6e006.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)