General
Target: e42245e8bd7a37984b5fedee9b58751298fb69a68fbdb47dde0be20af2caae16
Size: 1.2MB
Sample: 241110-bva8rawgqb
MD5: 3283fa97b5dad7dd0c6b309fc9acb153
SHA1: c3773d0b2051f141bede8947467d54c04625ba49
SHA256: e42245e8bd7a37984b5fedee9b58751298fb69a68fbdb47dde0be20af2caae16
SHA512: 9f95bac67b231177783c8975eed6ae5b1ca630f3377905f2a92546b0b2f649dfcf25f6fa515f9de7ceaa487f84326f713c15a1567cbfb9a316c11853c590ad4a
SSDEEP: 24576:NDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:NDpG5wcVCjiTDbb35G0BjiUuh7xXw2L
Static task: static1
Behavioral task: behavioral1
  Sample: e42245e8bd7a37984b5fedee9b58751298fb69a68fbdb47dde0be20af2caae16.exe
  Resource: win7-20241010-en
Behavioral task: behavioral2
  Sample: e42245e8bd7a37984b5fedee9b58751298fb69a68fbdb47dde0be20af2caae16.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: e42245e8bd7a37984b5fedee9b58751298fb69a68fbdb47dde0be20af2caae16
Size: 1.2MB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)