Extracted

• • Target

    758731262e1423c5449b17922f8b98bed16cbbfb94e3e1988533c947a7aa1984

  • Size

    660KB

  • MD5

    f43d3f25ce3cb843c3e9b7810abcaab8

  • SHA1

    c9550fd2b5fc8652753912c0a81a221750b018f3

  • SHA256

    758731262e1423c5449b17922f8b98bed16cbbfb94e3e1988533c947a7aa1984

  • SHA512

    aabe71668e591d5afe6e8bc38b85d9255f81dd21412df04055aa94ff220e1f420e1322d2840714a50a3820dc17d5d4fc9632c583e5154ed1a5cf6fa508598f69

  • SSDEEP

    12288:sMrGy90DpcV0kcaWilU4tl8hiLpPAiQ5IzLZ6HG90fs4rLi3iwaWPxA0Y:qycE0zBijIiLp5Q5IzN6m9Gs463iw5q

  Score

  10^/10

  healerredlinerosndiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1