General
-
Target
ce1a0498e9fb2dad6067a89ddcf0f8fd7cd9e751ee920bb2c37f841ee83ecb18
-
Size
707KB
-
Sample
241110-a6mkgswbmr
-
MD5
c558000359f699ceff74dcb90772d7a5
-
SHA1
ce3d1299f09eb48f4e7c06a35839f038b4eb2d16
-
SHA256
ce1a0498e9fb2dad6067a89ddcf0f8fd7cd9e751ee920bb2c37f841ee83ecb18
-
SHA512
0834b74d7a2f7b5388f6d1553daf30bc4d612ad0d6ce74d188cb129d446297a819e3c95aff01a887f5709477c0ddc8d3c6fb5ae23de7cb19d5aecdc178cc752b
-
SSDEEP
12288:Dy90oKkw6WDVB1D3SOh7Uid8dCJa+KXNaS2dnvYmdVaKAlJKZu:DybPy31D3SOqikCJYgLvBgFR
Static task
static1
Behavioral task
behavioral1
Sample
ce1a0498e9fb2dad6067a89ddcf0f8fd7cd9e751ee920bb2c37f841ee83ecb18.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1