General
- Target: 8c065b0d1c314a0d93996fbc585ef2ae5e30ab3f3f143fd01c16716d95dae9a6
- Size: 705KB
- Sample: 241110-bqk76ayqhn
- MD5: 168d48136025edbe2d53ef7434acbaeb
- SHA1: 5b6f86d8207e4a9d58ceadeb6497cc3463a6938a
- SHA256: 8c065b0d1c314a0d93996fbc585ef2ae5e30ab3f3f143fd01c16716d95dae9a6
- SHA512: 00c10d25fb568e048d1f4c5801572bacd484c2c900717fb6677fe12238d141e36a0b58d8041c33d8d3ce21c22139a149d5fc6ba52071ee3fa44ecf46be5dfb0f
- SSDEEP: 12288:2y90EjqJX0RxwFCGV51QUr42sqr6a3H+RwXZtRhvZNcRcd1PlmE:2yhjcX0RqoGV5yUr4OFFhnjUE
Static task: static1
Behavioral task: behavioral1
- Sample: 8c065b0d1c314a0d93996fbc585ef2ae5e30ab3f3f143fd01c16716d95dae9a6.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1)
    - Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1)
    - Windows Service (1)