General
Target: c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1
Size: 704KB
Sample: 241110-b4bwmsxanf
MD5: abbcda65bf1c4e30e14532d6c0b36d22
SHA1: 79266536c2e50532f878529eb988b50910ff893e
SHA256: c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1
SHA512: 3daff1252d295e389b4d5afd6ceb76c330368cc39122d8da4ad95d6d19d3947da11f8beb6d586b4dbe25e2402e0b1bbf2a29a834fb3088f75517bca6e19728ef
SSDEEP: 12288:My90+gojs5HDCJYB/AOzcgx9scZojPfEF9miMZaTbIiZty1gSWZjvDs:MyRgs4HDBHAo9R+jfs9miAa3cgf1Y
Static task: static1
Behavioral task: behavioral1
Sample: c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1
Size: 704KB
MD5: abbcda65bf1c4e30e14532d6c0b36d22
SHA1: 79266536c2e50532f878529eb988b50910ff893e
SHA256: c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1
SHA512: 3daff1252d295e389b4d5afd6ceb76c330368cc39122d8da4ad95d6d19d3947da11f8beb6d586b4dbe25e2402e0b1bbf2a29a834fb3088f75517bca6e19728ef
SSDEEP: 12288:My90+gojs5HDCJYB/AOzcgx9scZojPfEF9miMZaTbIiZty1gSWZjvDs:MyRgs4HDBHAo9R+jfs9miAa3cgf1Y
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence (count of matching signatures in parentheses)
- Boot or Logon Autostart Execution, T1547 (1): Registry Run Keys / Startup Folder, T1547.001 (1)
- Create or Modify System Process, T1543 (1): Windows Service, T1543.003 (1)
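The two behavioural signatures above ("Executes dropped EXE", "Adds Run key to start application") and the two ATT&CK persistence techniques they map to are what an analyst would want to confirm from endpoint telemetry rather than from the sandbox verdict alone. The script below is an added example, not part of the report or of any sandbox product: it correlates Sysmon-style events (EventID 11 FileCreate, EventID 1 ProcessCreate, EventID 13 RegistryEvent SetValue) to flag a file the sample wrote and then launched, and any Run/RunOnce value or service ImagePath that points at the sample or one of its drops. The event records, the drop path, the Run value name and the service name are all constructed for illustration and are assumptions, not artefacts observed in this analysis.

```python
"""Correlate dropped-EXE execution and Run-key / service persistence over Sysmon-style events.

Added example (not from the report). Event dicts mimic Sysmon EventIDs 1, 11 and 13;
all paths, key names and the service name below are constructed, not observed.
"""
import re

# Run / RunOnce under any hive (HKCU, HKU\<SID>, HKLM); matches T1547.001.
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# ImagePath of a service under CurrentControlSet; matches T1543.003.
SERVICE_RE = re.compile(r"\\CurrentControlSet\\Services\\[^\\]+\\ImagePath$", re.IGNORECASE)


def _norm(path):
    """Case-fold and strip surrounding quotes so paths compare reliably."""
    return path.strip().strip('"').lower()


def exe_from_command(cmd):
    """Return the executable path from a Run value or ImagePath, quoted or followed by arguments."""
    c = cmd.strip()
    if c.startswith('"'):
        end = c.find('"', 1)
        return _norm(c[1:end]) if end > 0 else _norm(c)
    return _norm(c.split(" ", 1)[0])


def correlate(events, sample_image):
    """Return (label, detail) findings for dropped-EXE execution and persistence pointing at the sample or its drops."""
    sample = _norm(sample_image)
    dropped, executed, persistence = set(), set(), []
    for ev in events:  # events are assumed to be in chronological order
        eid = ev["EventID"]
        if eid == 11 and _norm(ev["Image"]) == sample and ev["TargetFilename"].lower().endswith(".exe"):
            dropped.add(_norm(ev["TargetFilename"]))          # sample wrote an executable
        elif eid == 1 and _norm(ev["Image"]) in dropped:
            executed.add(_norm(ev["Image"]))                   # that executable was launched
        elif eid == 13:
            target = ev["TargetObject"]
            if RUN_KEY_RE.search(target):
                persistence.append(("Adds Run key to start application", target, exe_from_command(ev["Details"])))
            elif SERVICE_RE.search(target):
                persistence.append(("Creates Windows service", target, exe_from_command(ev["Details"])))
    findings = []
    for path in sorted(dropped):
        if path in executed:
            findings.append(("Executes dropped EXE", path))
    for label, key, exe in persistence:
        if exe in dropped or exe == sample:                     # ignore unrelated autostart entries
            findings.append((label, f"{key} -> {exe}"))
    return findings


# Constructed sample telemetry (assumption; not from the report).
SAMPLE = r"C:\Users\Admin\AppData\Local\Temp\c6ce1316fe2dbd7a91d0510d66a7557d69180dcf17d99b6171cd8fd6a9dd86d1.exe"
DROP = r"C:\Users\Admin\AppData\Local\Temp\dropped\stage2.exe"
EVENTS = [
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROP},
    {"EventID": 1, "Image": DROP, "ParentImage": SAMPLE},
    {"EventID": 13, "Image": DROP,
     "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run\updater",
     "Details": f'"{DROP}"'},
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\updatesvc\ImagePath",
     "Details": f"{DROP} -svc"},
    # Benign autostart entry that does not point at the sample or a drop: must not be flagged.
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive",
     "Details": r'"C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'},
]

if __name__ == "__main__":
    for label, detail in correlate(EVENTS, SAMPLE):
        print(f"{label}: {detail}")
```

The match is deliberately keyed on the executable path rather than on the value name, because droppers pick arbitrary Run value names while the path must resolve to something they wrote; the benign OneDrive entry in the constructed data shows the filter discarding an autostart that is unrelated to the sample.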