General
Target: 6df258d780c728ca060dc16da8f830cb5a989187d38bc99a74597df9d25ef1dd
Size: 706KB
Sample: 241110-a5wf1awckf
MD5: 5891586f4b6bf5eed5dd495933c54865
SHA1: c9a950af3c583e0be7bd6bb5d52b75039638bf91
SHA256: 6df258d780c728ca060dc16da8f830cb5a989187d38bc99a74597df9d25ef1dd
SHA512: 725f6ba9c97c70588d415cbe3c46e7ee05a5088232b38460f8d7981d1e25e7df09b036ecb786332ff3e1580e0fd1c1f8c7b8fe4ca3b600893d61b82899f0a775
SSDEEP: 12288:ry903iywpzwi2pRHcm44UvNXtEXqIY6zhlyoH5Gw5wqd6OZo:ryWKpzwHcm4bVdrElzZGw+qUOZo
Static task: static1
Behavioral task: behavioral1
Sample: 6df258d780c728ca060dc16da8f830cb5a989187d38bc99a74597df9d25ef1dd.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 6df258d780c728ca060dc16da8f830cb5a989187d38bc99a74597df9d25ef1dd
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)