General
Target: 593dd36272281d5b4b98c6bd2394ca6922c00c4142d6a0127ac8acef94a9fc58
Size: 1.2MB
Sample: 241109-zcklgavjgk
MD5: e67b64e838f7d154b4cfd05fa7bcda70
SHA1: 89b1a19857c1a68bcb2158dc419247c55a91a5ea
SHA256: 593dd36272281d5b4b98c6bd2394ca6922c00c4142d6a0127ac8acef94a9fc58
SHA512: de59b5f6968394982214cd7efa164074795f756b158636187c303967871d69488d0bda8ded348e426831319f0fffed855cc5e3eccf85bc131b875393395adb7d
SSDEEP: 24576:dVQCVvyI/k4Zf9YMGp77zdd0ZKUNk9e0KUDsM1dpkJNK35m:dVtvhk499YMGVzddAge0KUDsiyNK
Static task: static1
Behavioral task: behavioral1
Sample: 593dd36272281d5b4b98c6bd2394ca6922c00c4142d6a0127ac8acef94a9fc58.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 593dd36272281d5b4b98c6bd2394ca6922c00c4142d6a0127ac8acef94a9fc58.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 593dd36272281d5b4b98c6bd2394ca6922c00c4142d6a0127ac8acef94a9fc58
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1
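The two persistence signatures above ("Adds Run key to start application" and the Windows Service entry in the ATT&CK table) are the ones a responder usually wants to confirm on a host or in sandbox registry output. The script below is an added example written for this page, not code from the sandbox or from the analysed sample: it classifies registry-write events as T1547.001 (Run/RunOnce values) or T1543.003 (service ImagePath), and flags autostart images that live in user-writable directories, which is where a dropped payload normally ends up. The event lines and their `RegSetValue <key>\<value> = <data>` layout are constructed for the example and are not taken from this report.

```python
"""Map registry-write events to ATT&CK persistence sub-techniques and flag
autostart entries whose image lives in a user-writable location.

Added example for this page. SAMPLE_EVENTS and the event format are constructed,
not taken from the sandbox run above.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed events: two persistence writes a stealer-style dropper typically makes,
# one unrelated Explorer setting, and a RunOnce entry pointing into System32.
SAMPLE_EVENTS = [
    r"RegSetValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater = C:\Users\Admin\AppData\Roaming\svchost.exe",
    r"RegSetValue HKLM\SYSTEM\CurrentControlSet\Services\WinHelper\ImagePath = C:\ProgramData\helper.exe",
    r"RegSetValue HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden = 1",
    r"RegSetValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Cleanup = C:\Windows\System32\cleanmgr.exe",
]

# Run / RunOnce (and the legacy RunServices variants) under either hive -> T1547.001.
RUN_KEY_RE = re.compile(
    r"\\CurrentVersion\\(RunServicesOnce|RunServices|RunOnce|Run)\\([^\\=]+?)\s*=\s*(.+)$", re.I)
# A service ImagePath write is how a new Windows service lands in the registry -> T1543.003.
SERVICE_RE = re.compile(
    r"\\CurrentControlSet\\Services\\([^\\]+)\\ImagePath\s*=\s*(.+)$", re.I)
# Directories an unprivileged user (and therefore a dropped payload) can write to.
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\appdata\\", "\\temp\\")


@dataclass
class Finding:
    technique: str    # ATT&CK sub-technique ID
    name: str         # Run value name or service name
    image: str        # executable the autostart entry points at
    suspicious: bool  # True when the image sits in a user-writable directory


def image_path(data: str) -> str:
    """Strip surrounding quotes and any arguments from an autostart command line."""
    data = data.strip()
    if data.startswith('"'):
        end = data.find('"', 1)
        return data[1:end] if end > 0 else data.strip('"')
    return data.split(" ")[0]


def classify(event: str) -> Optional[Finding]:
    """Return a Finding for a Run-key or service autostart write, else None."""
    m = RUN_KEY_RE.search(event)
    if m:
        technique, name, data = "T1547.001", m.group(2), m.group(3)
    else:
        m = SERVICE_RE.search(event)
        if not m:
            return None
        technique, name, data = "T1543.003", m.group(1), m.group(2)
    image = image_path(data)
    suspicious = any(marker in image.lower() for marker in USER_WRITABLE)
    return Finding(technique, name, image, suspicious)


def scan(events: List[str]) -> List[Finding]:
    """Classify every event and keep only the persistence writes."""
    return [f for f in (classify(e) for e in events) if f is not None]


if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        flag = "SUSPICIOUS" if f.suspicious else "benign-looking"
        print(f"{f.technique} {f.name!r} -> {f.image} [{flag}]")
```

The user-writable check is deliberately a heuristic: a Run value pointing into System32 is not proof of legitimacy (the report's own sample could be copied there by a privileged dropper), so the flag is meant to rank findings for review, not to suppress them.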