General
- Target: 3d2f664fee01b4e614dcdf33a8e55a7af68b034e25aeca9f101fa747d4a4fec0
- Size: 1.2MB
- Sample: 241110-bs3j8awjav
- MD5: d590cf00aa88c6f2efc2247370e7c086
- SHA1: ecb3bd7dac1730ffd24da32d59dfcf78c9ccee07
- SHA256: 3d2f664fee01b4e614dcdf33a8e55a7af68b034e25aeca9f101fa747d4a4fec0
- SHA512: 12c3278414f37ab4782a673f7b545778fbc6bf6b7636dc58124ec26a777b8c11b8344529ca98b4f0f6acb0d77a5136e3dd1562d3564f82ef34e7eac6ce299b82
- SSDEEP: 24576:IYAVCfN05jEKvD1eqB6QLUIHZinS07gPUSko5622+s:IY1NsVN654ZiE1ko5Q+
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 3d2f664fee01b4e614dcdf33a8e55a7af68b034e25aeca9f101fa747d4a4fec0.exe
  - Resource: win7-20241010-en
Behavioral task
- behavioral2
  - Sample: 3d2f664fee01b4e614dcdf33a8e55a7af68b034e25aeca9f101fa747d4a4fec0.exe
  - Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 3d2f664fee01b4e614dcdf33a8e55a7af68b034e25aeca9f101fa747d4a4fec0
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)