General
Target: 1d916b6565789fc4f9d0b34b8c30a78a6387a83276febd3c61e5e8fc42dd3259
Size: 560KB
Sample: 241110-asle9sykck
MD5: 8c0e992fc1624bd0eee487b8d73e8e11
SHA1: 37d64cb93a00adc1a0d09bdc0dbe7cb3b6ff7760
SHA256: 1d916b6565789fc4f9d0b34b8c30a78a6387a83276febd3c61e5e8fc42dd3259
SHA512: 75fc2b84e8689390c455e53c9e4c0b7feeb7e7b55fb1b75ee630caf0c8a6a9c0de86475d3a8a222fbcd19e168e1f0d84dff8da42a3d93dd78296896c86c0f816
SSDEEP: 12288:Oy90g5ah2d9V++wiWtubRdAZphOUtFTx1B0udVJCcjX0WtE:OyB5aosSgubRGxpnW3cIt
Static task: static1
Behavioral task: behavioral1
Sample: 1d916b6565789fc4f9d0b34b8c30a78a6387a83276febd3c61e5e8fc42dd3259.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 1d916b6565789fc4f9d0b34b8c30a78a6387a83276febd3c61e5e8fc42dd3259
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)