General
Target: 10c10b878d3dd5e124963bc5cdf17ef54c1684b32a99b81a01a1878e82e1524b
Size: 706KB
Sample: 241110-b8w3dazlem
MD5: 1882d88440913634de37cfd1e24c6718
SHA1: 3f5039948df2d5c65f47ecef382943ea6f9bb717
SHA256: 10c10b878d3dd5e124963bc5cdf17ef54c1684b32a99b81a01a1878e82e1524b
SHA512: 285b7ca25de93e7d103592e76bcad5a075c81cef01305f186df6ed34338d19af714a76a052403a0a7508a04f7643496c12f5f01755d528c7c7e22d2142fd0946
SSDEEP: 12288:Cy905vvsZSmhc+nrc5BL/NzVrn8h9Dpw180CRAXZtRhvzNcQyvdKuo:CyQvsQxNzVr8hfX4FhWdRo
Static task: static1
Behavioral task: behavioral1
Sample: 10c10b878d3dd5e124963bc5cdf17ef54c1684b32a99b81a01a1878e82e1524b.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)