General
- Target: c0f43aaaf754dbfa0adf54669e3c9cf6d19dccc4288c06421b509a85e4e03173
- Size: 706KB
- Sample: 241110-a7abjsvney
- MD5: 6a19be1c31bab5210817b160f78c7495
- SHA1: dbeac727c7bb3a69a526f0be6027add3de6e0f4c
- SHA256: c0f43aaaf754dbfa0adf54669e3c9cf6d19dccc4288c06421b509a85e4e03173
- SHA512: fc37b502d07b64a5df537b2ea90280a1e4394de2b5663ceab5f8822e0f5152b9d08163e72c25d8766a142392a6d591a40b1ea759acd5db6bdb799ba6c701cc6a
- SSDEEP: 12288:/y90R82TGdO8Nz6aJV2N3yx0ngrCiU3O7SGEniKAUQIpkJ:/yK6O8BpJV2F8U3AKZARJ
Static task: static1
Behavioral task: behavioral1
- Sample: c0f43aaaf754dbfa0adf54669e3c9cf6d19dccc4288c06421b509a85e4e03173.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: c0f43aaaf754dbfa0adf54669e3c9cf6d19dccc4288c06421b509a85e4e03173
- Size: 706KB
- MD5: 6a19be1c31bab5210817b160f78c7495
- SHA1: dbeac727c7bb3a69a526f0be6027add3de6e0f4c
- SHA256: c0f43aaaf754dbfa0adf54669e3c9cf6d19dccc4288c06421b509a85e4e03173
- SHA512: fc37b502d07b64a5df537b2ea90280a1e4394de2b5663ceab5f8822e0f5152b9d08163e72c25d8766a142392a6d591a40b1ea759acd5db6bdb799ba6c701cc6a
- SSDEEP: 12288:/y90R82TGdO8Nz6aJV2N3yx0ngrCiU3O7SGEniKAUQIpkJ:/yK6O8BpJV2F8U3AKZARJ
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: 1
  - Registry Run Keys / Startup Folder: 1
- Create or Modify System Process: 1
  - Windows Service: 1