General
- Target: d3ef4e54677e38bfa2e2d2a0a7eb8861f64fb04bdd77176505a4f9648e69caa1
- Size: 690KB
- Sample: 241110-bpmdtswfpe
- MD5: e1839e22c6368aa28f0b09dead674a4b
- SHA1: d5658b7f56816475bb3e072a58b1cca4cd5ef677
- SHA256: d3ef4e54677e38bfa2e2d2a0a7eb8861f64fb04bdd77176505a4f9648e69caa1
- SHA512: 2c93f2251b1371530150bf051a6a75938b973923f510a1ee5b7190067dd0c35c4805a30954b87a05da74fb95c396b7aa0167449e76fa2d88dba5ca86ae163d67
- SSDEEP: 12288:Ry90zE8wTxRPVHePTcIxT8hCiDi+CSXRvZXUt09St2lm/PXKpTxyc:Ry18C9HGTJxm5DiVkRvZXFA2lKvKplyc
Static task: static1
Behavioral task: behavioral1
Sample: d3ef4e54677e38bfa2e2d2a0a7eb8861f64fb04bdd77176505a4f9648e69caa1.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
- RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)