General
Target: ee39b370d027abb7b4bcc306e0174a107caece346ef159521835e1aeb53337d4
Size: 806KB
Sample: 241110-asd17avhlj
MD5: 37b408c977fb75c82810a777312c8a60
SHA1: 5679b67a68a9be3277f733bb9c2e8a7ac3cd5322
SHA256: ee39b370d027abb7b4bcc306e0174a107caece346ef159521835e1aeb53337d4
SHA512: 434d225700393ef7dae29c2da87c219f630251215485cc51a91696b9dbb7caa9df80267fa1e5a7c119ab592b1b297ae6b9569927c78b076063d4778e5f9caa12
SSDEEP: 12288:hy9021D85W5dyshIVstGbTKAyah1fBl4cmpcXWRQPVhUYOz7LQxEYybrL:hy/nmQFtGaa1pecmpwWRiUY67LHY4
Static task: static1
Behavioral task: behavioral1
Sample: ee39b370d027abb7b4bcc306e0174a107caece346ef159521835e1aeb53337d4.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: ee39b370d027abb7b4bcc306e0174a107caece346ef159521835e1aeb53337d4 (806KB; hashes as listed under General)
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)