General
-
Target
56160d602c873c42095b5f6b10e176e91203ae709ab84b96d6f46f0e42ab54f8
-
Size
696KB
-
Sample
241110-a6k2naymcl
-
MD5
292a9fc1517348b1f3a1df869fc11743
-
SHA1
7d349379dae97a75adb5d858baa91c9164de7b15
-
SHA256
56160d602c873c42095b5f6b10e176e91203ae709ab84b96d6f46f0e42ab54f8
-
SHA512
b6542b6de93432003e2b5ec22935b7382ce3047054353d091a651fdda894c942999a98a9bfd3b6edeb0033ff4a4bbb7002c56cb68089e328a1c2290ddcf45f75
-
SSDEEP
12288:2y90lEYQ52FYIJqJLTjbCzIzGGcaL6KpLCSGjJU:2yclJonbUujcadUjJU
Static task
static1
Behavioral task
behavioral1
Sample
56160d602c873c42095b5f6b10e176e91203ae709ab84b96d6f46f0e42ab54f8.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
56160d602c873c42095b5f6b10e176e91203ae709ab84b96d6f46f0e42ab54f8
-
Size
696KB
-
MD5
292a9fc1517348b1f3a1df869fc11743
-
SHA1
7d349379dae97a75adb5d858baa91c9164de7b15
-
SHA256
56160d602c873c42095b5f6b10e176e91203ae709ab84b96d6f46f0e42ab54f8
-
SHA512
b6542b6de93432003e2b5ec22935b7382ce3047054353d091a651fdda894c942999a98a9bfd3b6edeb0033ff4a4bbb7002c56cb68089e328a1c2290ddcf45f75
-
SSDEEP
12288:2y90lEYQ52FYIJqJLTjbCzIzGGcaL6KpLCSGjJU:2yclJonbUujcadUjJU
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1