General
Target: 86efe8458f19b9bdf9243150354534218832b27d2b31ace6a2a13df256e5d8cb
Size: 1.0MB
Sample: 241110-bp1lfswfqa
MD5: a8e3639ecb4a500fc6f2f945ee422113
SHA1: b36e4b9c41c9e3a2c32cf5e9b901e66ee046d991
SHA256: 86efe8458f19b9bdf9243150354534218832b27d2b31ace6a2a13df256e5d8cb
SHA512: 43795977a81d1d411380b41ff51933a8365a3399973733fa5b3a9ee7ecf01a697f488aaaf7eab1110196f263f3ae85109f9da65baa3fa58d44ce25c787abae34
SSDEEP: 24576:YcIu58c6Od3W36hmxGaKc1HIcf0ErjxO+TtR1N2VRDrcG3:omZ6Od3WqFaKc1Hh8ErdOWR1N2fDrc
Static task: static1
Behavioral task: behavioral1
  Sample: 86efe8458f19b9bdf9243150354534218832b27d2b31ace6a2a13df256e5d8cb.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 86efe8458f19b9bdf9243150354534218832b27d2b31ace6a2a13df256e5d8cb.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)