General
Target: 15f850587c7364b2ee094f055c265072512b151c1cb063f3169050b7065a31c1
Size: 479KB
Sample: 241110-b291nazkdk
MD5: a9250a600e470a9144b3ff771535d50b
SHA1: 8b8426eec34d5952e4e69b5423aeb3e773d974cd
SHA256: 15f850587c7364b2ee094f055c265072512b151c1cb063f3169050b7065a31c1
SHA512: 1a1376b98e08c89c4fae0f1b522cbc8b0ae9e5257ab542c98311f0316959b502571439bd910dc29908a30e2cbdd6363a6c2fac8c6c81fc8a2d8fa3a89a6f6b83
SSDEEP: 6144:KLy+bnr+/p0yN90QEcLdh+HepZo5XcV9q2fCEH3vtZcLMgbz5Q9trYflQN0rYfBx:VMrvy902Kb5FkHHft6L5DfC94+JmmZr
Static task: static1
Behavioral task: behavioral1
Sample: 15f850587c7364b2ee094f055c265072512b151c1cb063f3169050b7065a31c1.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
- Create or Modify System Process: 1
- Windows Service: 1