Extracted

• • Target

    bb03666fb2d403993f02596999a1e4b092899b814b3d592a5b5dc9637f84c341

  • Size

    576KB

  • MD5

    77146f6888857d84c45ad43947892d70

  • SHA1

    b27afdb5884b7b994774463bf22f7d22b5232aac

  • SHA256

    bb03666fb2d403993f02596999a1e4b092899b814b3d592a5b5dc9637f84c341

  • SHA512

    b48505ef1e1b331d5c3482b6f8150da609b3a78ede57306d2782ddf4695c17adc11947d33a6c67e6037f8d1484cca8233818fd48b993595100ed17a7f7f5686b

  • SSDEEP

    12288:4MrEy90lahimz7AuxqVkTqNzTMly6mjfFCBy9D5f:8y4sVAuxYkTq5ufMfIg9f

  Score

  10^/10

  healerredlinemangodiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1