Extracted

• • Target

    510cbf3c5b59b26d855031ef85f6c5c71bc96fbe5a261381b3487817a7334c40

  • Size

    307KB

  • MD5

    b4c5c836abbdf5b3c0592b41215e8a29

  • SHA1

    544141d0f99a8f3bbd52bbba4537e7667dc5cb88

  • SHA256

    510cbf3c5b59b26d855031ef85f6c5c71bc96fbe5a261381b3487817a7334c40

  • SHA512

    237158bc9a7f74ae2afb0f69f134ae26af4e843ea227a3f47fda8d1dc2289305e9b161cce611767057969b095a72bd074c37ebb7f6933a37ecfdb580a483fcd5

  • SSDEEP

    6144:Kpy+bnr+Up0yN90QEK5F5OYc1u31g4TByQ+GUjrIBOPcGwqOT8p5:3Mr8y90kxc1u31TTEDGsryINNOT8b

  Score

  10^/10

  healerredlinemaherdiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1