General
- Target: f23b461bc192214f4ee83506748686f6010fd5b1720ec5a7cfa559b7106869da
- Size: 560KB
- Sample: 241110-bnmcfawfmg
- MD5: 57c490621c7747020dc6941e79105af0
- SHA1: ea397af5075f81692928b9fd927ba2df54aa7ea5
- SHA256: f23b461bc192214f4ee83506748686f6010fd5b1720ec5a7cfa559b7106869da
- SHA512: a9239e1aee17d85ecdcaef80c65dcd94062da8079678835e228ab77793e3bb120ceb208f187dbec9d5078ad65a1253c455680e327498aa78264844a05a662b70
- SSDEEP: 12288:/y90VO/mbgy3aqZ49sb6J3o3l09SmPxFM:/y3/ygy3akHmY3l0J7M
Static task: static1
Behavioral task: behavioral1
- Sample: f23b461bc192214f4ee83506748686f6010fd5b1720ec5a7cfa559b7106869da.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)