General
Target: 1e7abcdf7bba9dba7555b7db59997ebd962e44368ff0284bcffe846463f5750e
Size: 966KB
Sample: 241110-b6kxbsxbjc
MD5: cc3c43f6e8a28c1fd4afce578bed9e3e
SHA1: 8669e49b13216db9a505855ee2b137d6b9915ab5
SHA256: 1e7abcdf7bba9dba7555b7db59997ebd962e44368ff0284bcffe846463f5750e
SHA512: ae9f3415d444cd1c3adbdc4fd128a63604ac624d099e4e155f864fe500ba941742620b02717464e2a484b87d2f1b4bc6c8b6a34c37307690d9c58d4ee82e1a44
SSDEEP: 24576:iyQgBbEfQvUIx3JE1VhNrtTc/W3GC7+w8wbi:JFEfQq1vN6/nC7+0
Static task: static1
Behavioral task: behavioral1
Sample: 1e7abcdf7bba9dba7555b7db59997ebd962e44368ff0284bcffe846463f5750e.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
- Create or Modify System Process: Windows Service