General
Target: 14e1301d16e60f7c7a71e6d5a064f62baf14da25447af4801ef5b1b2f93b0f65
Size: 704KB
Sample: 241110-a71thawcpa
MD5: 82f7664bf594485c27b742c5c97a88a8
SHA1: e4780ce2c37178c92b46afc3b4897aec3e76a020
SHA256: 14e1301d16e60f7c7a71e6d5a064f62baf14da25447af4801ef5b1b2f93b0f65
SHA512: 80123b23586f9f76a6dd356d2f424b5762dbdd90827652d967de2038951183b91bb138df5a989d4ae5240305dd3cdae91b59383a3277acbe50b8087932a577a6
SSDEEP: 12288:Fy90F57tfv+PsVoj+nJITDkRKGuDmB06dGMdULuBhFMDjI1GzC31Iz8MQ1/KCste:FyMINj+nJIsRzuO06AjuTFMDOua1I4fZ
Static task: static1
Behavioral task: behavioral1
Sample: 14e1301d16e60f7c7a71e6d5a064f62baf14da25447af4801ef5b1b2f93b0f65.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)