General
- Target: 5e774b79ac0b3b80b808bc364d546818495ea90ecde07072f3220e6c7a3c80a8
- Size: 1.1MB
- Sample: 241110-bm85tawfma
- MD5: c2b4b8f2cb603456c23725ed41dedd8f
- SHA1: ce7b02fb07ce63496fb9bddbed9fdcc95e1e2e30
- SHA256: 5e774b79ac0b3b80b808bc364d546818495ea90ecde07072f3220e6c7a3c80a8
- SHA512: 33dc5a40a77db36511a5b28ba906dd6883edd4ba2f2f95804d902a728478e6b15284b1ef3ce9b5a65bd290e32b59fd76e4319564f7a212e0b4db405ba223e5de
- SSDEEP: 24576:TyLOqxXGRxSCalyWUkazr8HRXEy9d40C8PjxnSNzKCVEx6P:mB2xSCarUlox140C8PjQNNVEx6
Static task: static1
Behavioral task: behavioral1
- Sample: 5e774b79ac0b3b80b808bc364d546818495ea90ecde07072f3220e6c7a3c80a8.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)