General
- Target: fc7a1b408b7bfa2f85e50079be81c33a691e8b8687ac5364408705230284dd58
- Size: 922KB
- Sample: 241110-a4y6havnax
- MD5: 6d53b1a341c8be2a4e6e4d99b1cf2609
- SHA1: ca982695f69c604beae79a6f746bba0c585c8e44
- SHA256: fc7a1b408b7bfa2f85e50079be81c33a691e8b8687ac5364408705230284dd58
- SHA512: 43ddb645db19124c0e3492bb135b50321c8ec63dd245aa8ae690a90215dbfeb8abdf63272110eff0a9af7f57b7158d41227bbd871066b287e7178b391398f074
- SSDEEP: 12288:Ey900j92KCAr7s111nkDVpP5qoBlPnTqHRxIq75Vn8J09kT8EmFgodAdHGAI5MuX:EycKV70nWDoalPTWxIqI1mWodV5MOs0
- Static task: static1
- Behavioral task: behavioral1
- Sample: fc7a1b408b7bfa2f85e50079be81c33a691e8b8687ac5364408705230284dd58.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: fc7a1b408b7bfa2f85e50079be81c33a691e8b8687ac5364408705230284dd58 (size and hashes identical to those listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1)
    - Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1)
    - Windows Service (1)