General
Target: 1554e29fb01a9363629c940c1e83c1d2bda375e7a650a761e145cddb9c671297
Size: 562KB
Sample: 241110-b9hldaxbnb
MD5: 196f9e0f4d6081ac88b8d1f72e55c77e
SHA1: 766d25164e58317e32a98a48a23182f9b38d5040
SHA256: 1554e29fb01a9363629c940c1e83c1d2bda375e7a650a761e145cddb9c671297
SHA512: e569501cc8e5a7754da01229eb3e4a3cc4d2c3c45accb8229a46927a757ac109d21a80b335bd3492adcc022104a4419a6ec3127d6898c0bc95f51b1e74cddd93
SSDEEP: 12288:My90Rml7cRbxvUe/ooSIftaorDIe7i3KJZFnm:MyOmFWxvbQkft1r8bwFnm
Static task: static1
Behavioral task: behavioral1
Sample: 1554e29fb01a9363629c940c1e83c1d2bda375e7a650a761e145cddb9c671297.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 1554e29fb01a9363629c940c1e83c1d2bda375e7a650a761e145cddb9c671297 (562KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)