General
-
Target
6c8072b4ae245470dad1a23c03674663a49b6f7cd1cb5634e36ba595871404c1
-
Size
617KB
-
Sample
241109-za2f7s1kaw
-
MD5
a161d8c80856bbfb7cd80daeed9c3461
-
SHA1
3ea511161aa5989f8522485a2dd1e856500b8cc9
-
SHA256
6c8072b4ae245470dad1a23c03674663a49b6f7cd1cb5634e36ba595871404c1
-
SHA512
1ad24c45f98c33a26ae40ed6e6842ce6f54569fd66e87f764aa6692b7e7d009f7c1e60837977f83fe00f50dee43871a9ca2d187fded9a8b416e6f459e1e7f4d7
-
SSDEEP
12288:gy906ka1TzNa/C4A1aLPqjsC7CYpxdhl8Wzq4Gbof:gyVn1Tzw/BssC7CUblXcof
Static task
static1
Behavioral task
behavioral1
Sample
6c8072b4ae245470dad1a23c03674663a49b6f7cd1cb5634e36ba595871404c1.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6c8072b4ae245470dad1a23c03674663a49b6f7cd1cb5634e36ba595871404c1
-
Size
617KB
-
MD5
a161d8c80856bbfb7cd80daeed9c3461
-
SHA1
3ea511161aa5989f8522485a2dd1e856500b8cc9
-
SHA256
6c8072b4ae245470dad1a23c03674663a49b6f7cd1cb5634e36ba595871404c1
-
SHA512
1ad24c45f98c33a26ae40ed6e6842ce6f54569fd66e87f764aa6692b7e7d009f7c1e60837977f83fe00f50dee43871a9ca2d187fded9a8b416e6f459e1e7f4d7
-
SSDEEP
12288:gy906ka1TzNa/C4A1aLPqjsC7CYpxdhl8Wzq4Gbof:gyVn1Tzw/BssC7CUblXcof
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1