General
-
Target
15c750257b1d554152cbe0517c8b5015b97a8412ea9a54c57e8a17a0c4c519b3
-
Size
694KB
-
Sample
241109-zdy59avjhn
-
MD5
743eb06b85a746017bd16fe1c8b1a4a1
-
SHA1
d488b253dc2bd85981400adda38b505dc6b6de80
-
SHA256
15c750257b1d554152cbe0517c8b5015b97a8412ea9a54c57e8a17a0c4c519b3
-
SHA512
631e18f3a7bd4cd8f34cf77e6411c7d20d9c8fb1d84c0e32f244ab10ff45f5042db38a0bb60ffb050d49862120aab87b936f2d13b9a55d52a19cf80b260322bc
-
SSDEEP
12288:Vy9018pCXi5Hw5FTSBUGSQHX6Wu6F918b5KuA+sZJvB:VyAo1lGFMUG/X66F918b5hCjvB
Static task
static1
Behavioral task
behavioral1
Sample
15c750257b1d554152cbe0517c8b5015b97a8412ea9a54c57e8a17a0c4c519b3.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
15c750257b1d554152cbe0517c8b5015b97a8412ea9a54c57e8a17a0c4c519b3
-
Size
694KB
-
MD5
743eb06b85a746017bd16fe1c8b1a4a1
-
SHA1
d488b253dc2bd85981400adda38b505dc6b6de80
-
SHA256
15c750257b1d554152cbe0517c8b5015b97a8412ea9a54c57e8a17a0c4c519b3
-
SHA512
631e18f3a7bd4cd8f34cf77e6411c7d20d9c8fb1d84c0e32f244ab10ff45f5042db38a0bb60ffb050d49862120aab87b936f2d13b9a55d52a19cf80b260322bc
-
SSDEEP
12288:Vy9018pCXi5Hw5FTSBUGSQHX6Wu6F918b5KuA+sZJvB:VyAo1lGFMUG/X66F918b5hCjvB
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1