General
Target: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff
Size: 1.2MB
Sample: 241110-awqt6avldy
MD5: 027dda9ab81c7b7fe3e36eb71a015ebd
SHA1: 1f288df326c8b1258f1070bc9236b8ce966e8803
SHA256: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff
SHA512: 6dc6b76a8f12d21c71e1de9d8b4c9e99706928af5cafe043c4c4bdbfb82d32f2ee80fb62c20ea03364db2f890c1ecb7db2f8da93a9f38fdbfd93acc536242867
SSDEEP: 24576:DGxKz+TDUpS+Nmj4NGQpy6X6yzjKdFuU40KUcDL0lNp/bPm:DGMOKSUDNGQp9qKqFR4JUcDLqNp/b
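Before detonating or reversing a copy of this file, confirm it is the object the report describes by recomputing the digests above. The following is an added example, not part of the original report or any sandbox tooling; it checks the four exact digests only, because SSDEEP is a fuzzy hash that needs the ssdeep library and is compared by similarity score rather than equality.

```python
import hashlib
import io

# Exact digests for this sample as listed in the report's General section.
REPORT_DIGESTS = {
    "md5": "027dda9ab81c7b7fe3e36eb71a015ebd",
    "sha1": "1f288df326c8b1258f1070bc9236b8ce966e8803",
    "sha256": "6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff",
    "sha512": "6dc6b76a8f12d21c71e1de9d8b4c9e99706928af5cafe043c4c4bdbfb82d32f2"
              "ee80fb62c20ea03364db2f890c1ecb7db2f8da93a9f38fdbfd93acc536242867",
}


def digest_stream(fp, algorithms, chunk_size=1 << 20):
    """Hash a binary stream once with every requested algorithm, reading in
    chunks so a large sample is never held in memory in full."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for block in iter(lambda: fp.read(chunk_size), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data, algorithms=tuple(REPORT_DIGESTS)):
    return digest_stream(io.BytesIO(data), algorithms)


def verify_bytes(data, expected=REPORT_DIGESTS):
    """Return {algorithm: matched} for each digest in `expected`.
    Any False means the bytes are not the sample the report describes."""
    got = digest_bytes(data, tuple(expected))
    return {name: got[name] == value.lower() for name, value in expected.items()}


def verify_file(path, expected=REPORT_DIGESTS):
    with open(path, "rb") as fp:
        got = digest_stream(fp, tuple(expected))
    return {name: got[name] == value.lower() for name, value in expected.items()}


def is_reported_sample(path, expected=REPORT_DIGESTS):
    """True only when every listed digest matches."""
    return all(verify_file(path, expected).values())


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-sample>
    for name, ok in verify_file(sys.argv[1]).items():
        print(f"{name:7} {'match' if ok else 'MISMATCH'}")
```

A single mismatching digest is enough to reject the file: a re-packed or truncated copy will typically still share the SSDEEP prefix but fails the exact checks.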
Static task: static1
Behavioral task: behavioral1
  Sample: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff
Size: 1.2MB
MD5: 027dda9ab81c7b7fe3e36eb71a015ebd
SHA1: 1f288df326c8b1258f1070bc9236b8ce966e8803
SHA256: 6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff
SHA512: 6dc6b76a8f12d21c71e1de9d8b4c9e99706928af5cafe043c4c4bdbfb82d32f2ee80fb62c20ea03364db2f890c1ecb7db2f8da93a9f38fdbfd93acc536242867
SSDEEP: 24576:DGxKz+TDUpS+Nmj4NGQpy6X6yzjKdFuU40KUcDL0lNp/bPm:DGMOKSUDNGQp9qKqFR4JUcDLqNp/b
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
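The behaviours flagged above (a dropped EXE executed, a dropped DLL loaded, a Run key written, a service registered) are all visible in Sysmon telemetry and can be correlated rather than alerted on individually. The block below is an added example written for this page, not code from the sandbox or from the report; the event records are constructed Sysmon-style dicts, and the drop directory, file names (loader.exe, helper.dll) and service name (stagesvc) are hypothetical placeholders, not artefacts observed in this sample. The correlation is the point: a Run value or service ImagePath is only flagged with `points_to_dropped` when it references a file that an earlier FileCreate event shows being written by another process in the same trace.

```python
import re

# Sysmon event IDs (real Sysmon values): process create, image load,
# file create, registry value set.
EV_PROCESS_CREATE, EV_IMAGE_LOAD, EV_FILE_CREATE, EV_REG_VALUE_SET = 1, 7, 11, 13

# T1547.001: Run / RunOnce values under any hive.
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# T1543.003: ImagePath of a service key is where a new service's binary is set.
SERVICE_IMAGE_RE = re.compile(r"\\CurrentControlSet\\Services\\[^\\]+\\ImagePath$", re.I)
# First drive-letter path ending in .exe/.dll inside a registry value (args ignored).
PATH_RE = re.compile(r'"?([A-Za-z]:\\[^"]+?\.(?:exe|dll))"?', re.I)


def norm(path):
    """Case-fold and strip quotes so registry Details and file paths compare equal."""
    return path.strip().strip('"').lower()


def first_path(text):
    """Return the normalised executable path named in a Run value or ImagePath."""
    m = PATH_RE.search(text)
    return norm(m.group(1)) if m else None


def hunt(events):
    """Walk events in order, remember every file written (path -> writer), and
    emit an alert when a remembered file is executed, loaded, or registered
    as an autostart. Returns alerts in observation order."""
    dropped = {}
    alerts = []
    for e in events:
        eid = e["EventID"]
        if eid == EV_FILE_CREATE:
            dropped[norm(e["TargetFilename"])] = e["Image"]
        elif eid == EV_PROCESS_CREATE and norm(e["Image"]) in dropped:
            alerts.append({"signature": "Executes dropped EXE", "technique": None,
                           "target": e["Image"], "dropped_by": dropped[norm(e["Image"])]})
        elif eid == EV_IMAGE_LOAD and norm(e["ImageLoaded"]) in dropped:
            alerts.append({"signature": "Loads dropped DLL", "technique": None,
                           "target": e["ImageLoaded"],
                           "dropped_by": dropped[norm(e["ImageLoaded"])]})
        elif eid == EV_REG_VALUE_SET:
            key, details = e["TargetObject"], e.get("Details", "")
            if RUN_KEY_RE.search(key):
                sig, tech = "Adds Run key to start application", "T1547.001"
            elif SERVICE_IMAGE_RE.search(key):
                sig, tech = "Windows Service ImagePath set", "T1543.003"
            else:
                continue  # unrelated registry write, e.g. Explorer preferences
            alerts.append({"signature": sig, "technique": tech, "target": key,
                           "points_to_dropped": first_path(details) in dropped})
    return alerts


# Constructed trace (hypothetical paths and names, not observed artefacts).
SAMPLE = ("C:\\Users\\Admin\\Desktop\\"
          "6932af1b72e5428f52872830d8b209ce700f0cc34e44be0947d504cde27294ff.exe")
DROP_DIR = "C:\\Users\\Admin\\AppData\\Local\\Temp\\stage"
EVENTS = [
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROP_DIR + "\\loader.exe"},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROP_DIR + "\\helper.dll"},
    {"EventID": 1, "Image": DROP_DIR + "\\loader.exe"},
    {"EventID": 7, "Image": DROP_DIR + "\\loader.exe",
     "ImageLoaded": DROP_DIR + "\\helper.dll"},
    {"EventID": 13, "Image": DROP_DIR + "\\loader.exe",
     "TargetObject": "HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\loader",
     "Details": '"' + DROP_DIR + '\\loader.exe" --silent'},
    {"EventID": 13, "Image": SAMPLE,
     "TargetObject": "HKLM\\System\\CurrentControlSet\\Services\\stagesvc\\ImagePath",
     "Details": DROP_DIR + "\\loader.exe"},
    # Benign noise: a user toggling hidden files must not produce an alert.
    {"EventID": 13, "Image": "C:\\Windows\\explorer.exe",
     "TargetObject": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden",
     "Details": "DWORD (0x00000001)"},
]

if __name__ == "__main__":
    for a in hunt(EVENTS):
        print(a)
```

Because the drop map is built from the same trace, a Run value pointing at a long-standing installed program yields `points_to_dropped == False` and can be triaged at lower priority, while a value pointing at a file the sample itself wrote minutes earlier is the pattern this report's signatures describe.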