General
Target: 04684c7b656a3670c7be4afc25d5ff289ed16bf51a16eff916dcc2f55aeca6a6
Size: 965KB
Sample: 241110-aw6wdavlev
MD5: ef81066a1e22014081e69178a8a84d14
SHA1: 37cf570d96717cc0012c23ad7eb42f48e5d8d9cf
SHA256: 04684c7b656a3670c7be4afc25d5ff289ed16bf51a16eff916dcc2f55aeca6a6
SHA512: 3ea9bfff406922ad914b78ff1030e45a892b7a6d435dbecf58938e8a03b8b360aaa11abc8aefbbe6e5785de26ea24ab3528ab1ee99e525277b9d89982bfa339b
SSDEEP: 12288:Uy90v3hOzqPh42TMrIR7KQsG1PStWcebgrnQUeOA/7N/gaE9mKql4kR0CJM8za:UyM3hHS2TylQ9M7qUe7hG2TR5za
Static task: static1
Behavioral task: behavioral1
  Sample: 04684c7b656a3670c7be4afc25d5ff289ed16bf51a16eff916dcc2f55aeca6a6.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 04684c7b656a3670c7be4afc25d5ff289ed16bf51a16eff916dcc2f55aeca6a6
Size: 965KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above (single target, same file).
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)
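The report gives two things a responder can act on directly: the file hashes of the sample, and the "Adds Run key to start application" behaviour (Registry Run Keys / Startup Folder, T1547.001). The following hunting helper is an added example, not code from the report or from the sandbox vendor. The hash values are copied from the General section above; everything else is an assumption made for the example: the four Run/RunOnce keys under HKCU and HKLM are the standard autostart locations, and the list of user-writable directories treated as suspicious staging paths is a heuristic, not something the report states about this sample. The `collect_run_entries` function only reads the registry on a Windows host and returns an empty list elsewhere.

```python
import hashlib
import platform
from typing import Dict, Iterable, List, Tuple

# Hash IoCs copied from the report's General section (the 965KB sample).
IOC_HASHES = {
    "md5": "ef81066a1e22014081e69178a8a84d14",
    "sha1": "37cf570d96717cc0012c23ad7eb42f48e5d8d9cf",
    "sha256": "04684c7b656a3670c7be4afc25d5ff289ed16bf51a16eff916dcc2f55aeca6a6",
    "sha512": "3ea9bfff406922ad914b78ff1030e45a892b7a6d435dbecf58938e8a03b8b360"
              "aaa11abc8aefbbe6e5785de26ea24ab3528ab1ee99e525277b9d89982bfa339b",
}

# Autostart keys behind the "Adds Run key to start application" signature
# (ATT&CK T1547.001); checked for the current user and the machine.
RUN_KEYS = [
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

# Assumed heuristic (not from the report): droppers commonly stage their payload
# in user-writable directories, so a Run value pointing there deserves a look.
SUSPICIOUS_DIRS = ("\\appdata\\", "\\temp\\", "\\users\\public\\", "\\programdata\\")


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Compute the same four digests the report lists, for one file's bytes."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def matching_iocs(hashes: Dict[str, str]) -> List[str]:
    """Return the names of every digest that equals the report's value."""
    return [algo for algo, value in hashes.items() if IOC_HASHES.get(algo) == value.lower()]


def exe_path(command: str) -> str:
    """Extract the executable path from a Run value's command line, honouring quotes."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    return command.split()[0] if command else ""


def suspicious_run_entries(entries: Iterable[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Flag (key, value name, command) entries whose executable lives in a staging directory."""
    flagged = []
    for key, name, command in entries:
        path = exe_path(command).lower()
        if any(marker in path for marker in SUSPICIOUS_DIRS):
            flagged.append((key, name, command))
    return flagged


def collect_run_entries() -> List[Tuple[str, str, str]]:
    """Read the Run/RunOnce keys on a live Windows host; returns [] on other platforms."""
    if platform.system() != "Windows":
        return []
    import winreg  # standard library, Windows only
    hives = {"HKCU": winreg.HKEY_CURRENT_USER, "HKLM": winreg.HKEY_LOCAL_MACHINE}
    entries = []
    for hive, subkey in RUN_KEYS:
        try:
            key = winreg.OpenKey(hives[hive], subkey)
        except OSError:
            continue  # key absent or not readable
        index = 0
        while True:
            try:
                name, data, _ = winreg.EnumValue(key, index)
            except OSError:
                break  # no more values
            entries.append((f"{hive}\\{subkey}", name, str(data)))
            index += 1
        winreg.CloseKey(key)
    return entries


if __name__ == "__main__":
    # Constructed demo entries (not taken from the report) for non-Windows hosts.
    demo = [
        (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "OneDrive",
         r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
        (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "updater",
         r'"C:\Users\victim\AppData\Roaming\updater\host.exe"'),
    ]
    for hit in suspicious_run_entries(collect_run_entries() or demo):
        print("suspicious Run entry:", hit)
```

Run entries flagged by the path heuristic still need confirmation: hash the referenced executable with `hash_bytes` and check `matching_iocs`, since a legitimate updater in `%AppData%` will trip the heuristic while the sample's dropped payload may carry a different hash than the 965KB parent listed here.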