General
Target: 6f484d7a46125c2df2e5e506d151d9164c54d0ee9afb7edbdd849e29c6ac02d5
Size: 563KB
Sample: 241110-bm4kbswekr
MD5: a55938a5df42627c9b3401d961a2296e
SHA1: 42acf21a83cde297f19c604cb322aa1d41e0d742
SHA256: 6f484d7a46125c2df2e5e506d151d9164c54d0ee9afb7edbdd849e29c6ac02d5
SHA512: 15aaac35ece75e06ed5883b3331f056a75b987f32335f1a16ea7dde020eb6be08ee39065b52bcf038dcf413368ace26640c58a6df7155fce97e5aa8c9e2823a3
SSDEEP: 12288:Ey905F9IKqklM4OCmL0bOQiLx3/12TRRH05XemHvEW:EykF9DqklXOz0bOQUZ/1CRN0sm8W
Static task: static1
Behavioral task: behavioral1
Sample: 6f484d7a46125c2df2e5e506d151d9164c54d0ee9afb7edbdd849e29c6ac02d5.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 6f484d7a46125c2df2e5e506d151d9164c54d0ee9afb7edbdd849e29c6ac02d5
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)