General

Target: 2bbe6912a51a972e35af5f2f77c11ff5f674e3366a74f6e44f9acbb9a72b5d37
Size: 702KB
Sample: 241110-b7271awlhw
MD5: 3dd5b1f34c7b06dad2444d78a91719c7
SHA1: 86dc17169ca67895809d39a1fa2c6a4b0ddfa68f
SHA256: 2bbe6912a51a972e35af5f2f77c11ff5f674e3366a74f6e44f9acbb9a72b5d37
SHA512: 65b20ef403cf92fca7b3882e6186c2d03d037eb5a0904dc4111281989a7d801bf3a7393523c611eb825110749ab1666a344598160ac673ed12a837652e8edb7b
SSDEEP: 12288:ly90n6msPeH0Nk4V2+N5wLPnEG28o9w2vQF2vM2JE71KTbcOL:lyAneNI+/cEGqwSUn2JExE
Static task: static1
Behavioral task: behavioral1
Sample: 2bbe6912a51a972e35af5f2f77c11ff5f674e3366a74f6e44f9acbb9a72b5d37.exe
Resource: win10v2004-20241007-en
Malware Config
Targets

Target: 2bbe6912a51a972e35af5f2f77c11ff5f674e3366a74f6e44f9acbb9a72b5d37
Size: 702KB
Hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to those listed under General above.
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
-
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution, T1547 (1): Registry Run Keys / Startup Folder, T1547.001 (1)
- Create or Modify System Process, T1543 (1): Windows Service, T1543.003 (1)
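As an added example (not part of the sandbox report and not code from the malware or the sandbox vendor), the Python script below does two things an analyst reading this page usually wants: it checks a local file against the MD5/SHA1/SHA256/SHA512 values listed above (SSDEEP is left out because it needs the separate ssdeep library), and it screens Run-key entries for binaries living in user-writable directories, the pattern behind the "Adds Run key to start application" signature and the T1547.001 mapping. The registry entries and the list of "user-writable" directories are constructed assumptions for the example, not data from this run.

```python
# Added example: triage helpers for the sample in this report. This is not the
# sandbox's own code; it reproduces the report's hash list and a generic check
# for the kind of autostart entry the "Adds Run key to start application"
# signature describes. Paths and registry entries below are constructed.
import hashlib
import re
import sys

# Digests as listed in the report (SSDEEP omitted: it needs the ssdeep library).
REPORT_HASHES = {
    "md5": "3dd5b1f34c7b06dad2444d78a91719c7",
    "sha1": "86dc17169ca67895809d39a1fa2c6a4b0ddfa68f",
    "sha256": "2bbe6912a51a972e35af5f2f77c11ff5f674e3366a74f6e44f9acbb9a72b5d37",
    "sha512": (
        "65b20ef403cf92fca7b3882e6186c2d03d037eb5a0904dc4111281989a7d801b"
        "f3a7393523c611eb825110749ab1666a344598160ac673ed12a837652e8edb7b"
    ),
}


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Per-algorithm match of `data` against `expected`.

    Treat SHA-256/SHA-512 as the identity of the sample; MD5 and SHA-1 are
    collision-prone and only useful as lookup keys in older feeds.
    """
    actual = digests(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


# Directories a dropper commonly copies itself to before registering a Run key.
# This list is an assumption for the example, not something the report states.
USER_WRITABLE = re.compile(
    r"\\(temp|appdata\\(local|roaming)|users\\public|programdata)\\", re.IGNORECASE
)


def exe_path(command: str) -> str:
    """Extract the executable path from a Run-key command line.

    Handles the two layouts Windows uses: a quoted path followed by arguments,
    or an unquoted path where the first space ends it.
    """
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    return command.split(" ", 1)[0]


def suspicious_run_entries(entries):
    """Return (value_name, exe_path) for Run-key entries whose binary sits in a
    user-writable directory. A triage filter, not a verdict: legitimate
    per-user installers (OneDrive, Teams, ...) also live under AppData, so
    confirm any hit by hashing the binary with verify_sample()."""
    hits = []
    for name, command in entries:
        exe = exe_path(command)
        if exe.lower().endswith(".exe") and USER_WRITABLE.search(exe):
            hits.append((name, exe))
    return hits


# Constructed Run-key contents for the example (not taken from the sandbox run).
SAMPLE_RUN_ENTRIES = [
    ("SecurityHealth", r"C:\Windows\System32\SecurityHealthSystray.exe"),
    ("OneDrive", r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    ("updater", r'"C:\Users\alice\AppData\Roaming\svchost.exe"'),
    ("startup", r"C:\Users\alice\AppData\Local\Temp\1234.exe -s"),
]


if __name__ == "__main__":
    # Usage: python triage.py <file>  -> hash verdicts, then the Run-key screen
    if len(sys.argv) == 2:
        with open(sys.argv[1], "rb") as fh:
            for algo, ok in verify_sample(fh.read()).items():
                print(f"{algo:6} {'match' if ok else 'MISMATCH'}")
    for name, exe in suspicious_run_entries(SAMPLE_RUN_ENTRIES):
        print(f"review Run value {name!r} -> {exe}")
```

On the constructed entries the screen flags OneDrive, updater and startup; OneDrive is the expected false positive, which is why the function's result is a review list rather than a verdict and why the hash check exists alongside it.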