Extracted

• • Target

    44872f87464257c873b3891f7007a0241b7b401ab64323b073256b87cd7d9696

  • Size

    386KB

  • MD5

    6962227a65a272793ba24a0f7e56ce7a

  • SHA1

    4b51120789f47290115f9c13375045073ac765b6

  • SHA256

    44872f87464257c873b3891f7007a0241b7b401ab64323b073256b87cd7d9696

  • SHA512

    56dc1681b5edad4b57f4f7cf8e43436e621e68f548b93a5caabd57b00e5092cef90414f520bfb5508336345510302604ce3f86c4625a1a3cfed130d1887cc764

  • SSDEEP

    6144:Khy+bnr+Hp0yN90QEEHA0Da8I6B9VP1mYcz4eyOfq/zjr1hsbeCWb1+lVaC9X8yq:PMr3y90WWv6Bn3+4hb1hUfO7X

  Score

  10^/10

  healerredlinemangodiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1