General

Target: 8034c6a337c98b04d080a240b0b5e2789c6b743e557d03846192cf70346575abN
Size: 704KB
Sample: 241110-b5ry9axaqd
MD5: cdf57a059d7cf4fc20119f6230635bc0
SHA1: 116507d84649915cf508018ab4741b7243b87ff8
SHA256: 8034c6a337c98b04d080a240b0b5e2789c6b743e557d03846192cf70346575ab
SHA512: 40abbb36d0326299fb29aa99aa33486f0b2a33b6791de5a6ebb5cadcd4174a2978a19b7a794fdff4a8c11c13edb52b4c5e6cc1a0e21e98007dbfb7fcc43d027a
SSDEEP: 12288:hy90jTdrpTRG6Vnk9KQLgTCkqvGcDmBiIkEiI33CI1IzCK5IzJM+o/KOIvhu4Ww:hy8hrpTE6VnVQMvqOcOiIXN3rU35IlJ9
Static task: static1
Behavioral task: behavioral1
Sample: 8034c6a337c98b04d080a240b0b5e2789c6b743e557d03846192cf70346575abN.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 8034c6a337c98b04d080a240b0b5e2789c6b743e557d03846192cf70346575abN (704KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)

- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (T1547), 1 hit: Registry Run Keys / Startup Folder (T1547.001), 1 hit
- Create or Modify System Process (T1543), 1 hit: Windows Service (T1543.003), 1 hit
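The "Adds Run key to start application" signature and the Registry Run Keys / Startup Folder mapping describe the persistence this sample establishes. The script below is an added example, not part of the sandbox report and not code from the sample: it parses the text produced by exporting the Run keys (the format `reg export` writes) and flags entries with the traits a responder hunts for when confirming this kind of persistence, namely an image under a user-writable directory and a system-binary name living outside %SystemRoot%. The registry export embedded in the script, including every value name and path in it, is constructed for the demo and does not come from the report.

```python
"""Flag suspicious autostart entries in an exported Run key (.reg text).

Added example for the Run-key persistence signature; not part of the report.
SAMPLE_REG below is a hand-constructed export; its entries are hypothetical.
"""
import re
from dataclasses import dataclass, field

# Constructed export: what `reg export` of the Run keys might produce.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\user\\AppData\\Local\\Temp\\svchost.exe"
"Build"="C:\\Users\\user\\AppData\\Roaming\\build\\build.exe"
'''

# Directories a non-admin user can write to; a Run value launching from one
# of these is the classic low-privilege persistence pattern.
USER_WRITABLE_MARKERS = (
    "\\appdata\\local\\", "\\appdata\\roaming\\", "\\users\\public\\",
    "\\programdata\\", "\\downloads\\", "\\temp\\", "\\tmp\\",
)
# Names that legitimately live under %SystemRoot%; copies elsewhere masquerade.
SYSTEM_BINARY_NAMES = {"svchost.exe", "explorer.exe", "lsass.exe", "csrss.exe",
                       "winlogon.exe", "dllhost.exe", "rundll32.exe"}

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]\s*$")
VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"\s*$')


def reg_unescape(raw: str) -> str:
    """Undo .reg string escaping: a backslash before '"' or '\\' is dropped."""
    return re.sub(r'\\(["\\])', r"\1", raw)


def extract_image_path(command: str) -> str:
    """Return the executable path from a Run value, quoted or bare form."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.search(r"\.exe", command, re.IGNORECASE)
    return command[: m.end()] if m else command.split(" ", 1)[0]


@dataclass
class Finding:
    key: str
    name: str
    image: str
    reasons: list = field(default_factory=list)


def parse_run_entries(reg_text: str):
    """Yield (key, value_name, command) for string values under Run/RunOnce keys."""
    current_key = None
    for line in reg_text.splitlines():
        k = KEY_RE.match(line)
        if k:
            key = k.group(1)
            current_key = key if key.lower().endswith(("\\run", "\\runonce")) else None
            continue
        v = VALUE_RE.match(line)
        if v and current_key:
            yield current_key, v.group(1), reg_unescape(v.group(2))


def assess_run_entries(reg_text: str) -> list:
    """Return a Finding for every Run entry that trips at least one heuristic."""
    findings = []
    for key, name, command in parse_run_entries(reg_text):
        image = extract_image_path(command)
        low = image.lower()
        reasons = []
        if any(marker in low for marker in USER_WRITABLE_MARKERS):
            reasons.append("image lives in a user-writable directory")
        basename = low.rsplit("\\", 1)[-1]
        if basename in SYSTEM_BINARY_NAMES and "\\windows\\" not in low:
            reasons.append(f"{basename} outside %SystemRoot% (masquerading)")
        # HKCU is only context: it makes an already suspicious entry more so,
        # because it needs no admin rights to plant, but alone it is normal.
        if reasons and key.upper().startswith("HKEY_CURRENT_USER"):
            reasons.append("planted in HKCU, no admin rights required")
        if reasons:
            findings.append(Finding(key, name, image, reasons))
    return findings


if __name__ == "__main__":
    for f in assess_run_entries(SAMPLE_REG):
        print(f"[{f.key}] {f.name} -> {f.image}")
        for r in f.reasons:
            print(f"    - {r}")
```

On a live host, feed it the output of `reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" run.reg` (and the HKLM equivalent); the heuristics are deliberately narrow, so treat a hit as a lead to verify against the hashes above rather than as a verdict.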