General
- Target: 3df6d82bba89ca008eb976cda0fcade4c44fdcf51d536c614a5026dffab7a732
- Size: 546KB
- Sample: 241110-bmh9dsvqhz
- MD5: 5116e75a6f0eac7029d184d126de0103
- SHA1: 8bbddc11ac77a9c8b9c17c8256fb9afae218132e
- SHA256: 3df6d82bba89ca008eb976cda0fcade4c44fdcf51d536c614a5026dffab7a732
- SHA512: c7d3dd526551a86987cb1e700c45e36be65aa6089ef7e9c712569131ce4579e6d991a50baa86f2728477bf4480762885469f17e76a38106596d2792c285f2dca
- SSDEEP: 12288:xMr1y90RDAwgbSBCXRMCxF1fo2gpzvpfGSA+rPlgRx4+m+JmF2eK:EyMA3SBCXRMCflvojp+Sdb8x11v
Static task: static1
Behavioral task: behavioral1
- Sample: 3df6d82bba89ca008eb976cda0fcade4c44fdcf51d536c614a5026dffab7a732.exe
- Resource: win10v2004-20241007-en
Malware Config
Extracted
- Family: redline
- rosto
- hueref.eu:4162
- auth_value: 07d81eba8cad42bbd0ae60042d48eac6
Targets
- Target: 3df6d82bba89ca008eb976cda0fcade4c44fdcf51d536c614a5026dffab7a732
- Size: 546KB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)