General
-
Target
6ebf9d9e3649871c4ae2541134bf1d61c40be5108fb64b595ca735a0e5a54619N
-
Size
747KB
-
Sample
241110-b5n8cszkgr
-
MD5
d12d732d2f792bcd3a8f0b71d8371d70
-
SHA1
51127b1f01d435941ec962b5b2723fdf5669bc10
-
SHA256
6ebf9d9e3649871c4ae2541134bf1d61c40be5108fb64b595ca735a0e5a54619
-
SHA512
0b3338b2de1fb479c0ab2e7b822f2368d0242d157303e2483ec49e001b7e2b611cfc086bc76d66fb209e21507a786dffec6864a41f311c5d2775514459ced623
-
SSDEEP
12288:jy90OXJihefJnTBTi3oMEuXD0UghLdEJd6nDRa6OlQ43NPgbFCXxmyqO:jyPTTBqoMEWD0phOJkDYR5NPCix9
Static task
static1
Behavioral task
behavioral1
Sample
6ebf9d9e3649871c4ae2541134bf1d61c40be5108fb64b595ca735a0e5a54619N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6ebf9d9e3649871c4ae2541134bf1d61c40be5108fb64b595ca735a0e5a54619N
-
Size
747KB
-
MD5
d12d732d2f792bcd3a8f0b71d8371d70
-
SHA1
51127b1f01d435941ec962b5b2723fdf5669bc10
-
SHA256
6ebf9d9e3649871c4ae2541134bf1d61c40be5108fb64b595ca735a0e5a54619
-
SHA512
0b3338b2de1fb479c0ab2e7b822f2368d0242d157303e2483ec49e001b7e2b611cfc086bc76d66fb209e21507a786dffec6864a41f311c5d2775514459ced623
-
SSDEEP
12288:jy90OXJihefJnTBTi3oMEuXD0UghLdEJd6nDRa6OlQ43NPgbFCXxmyqO:jyPTTBqoMEWD0phOJkDYR5NPCix9
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1