General
Target: 199c82537e4325aa9351d6647168b0e65af8abc6735595d7ccc5b0a018093ce1
Size: 745KB
Sample: 241110-b6dg9awlex
MD5: 254b95134bf1d7829756650efaad4358
SHA1: 05fd3ffa1e7e4712528680f24e8940695305c6f0
SHA256: 199c82537e4325aa9351d6647168b0e65af8abc6735595d7ccc5b0a018093ce1
SHA512: 6e868c15f3f15e93972d1d4d7124a020e5f0c83edaede84edff6511e4191bd427b8c0d2448054e473e473ea2a57b42462af7c72f15e4c33205db0b2f2d3469d4
SSDEEP: 12288:ay90wJroEVTB8NYkXHG1Qv6dYVJGZmLsUhgQUu13TdGBVBT9ERv5L0qIfWan:ayproEVT9kX/vffPt1jAVaRxtQn
Static task: static1
Behavioral task: behavioral1
Sample: 199c82537e4325aa9351d6647168b0e65af8abc6735595d7ccc5b0a018093ce1.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)