General
Target: f70543950a7ca10c6127f11f6e6554a05145c0443f58501e4155d2988bee9cca
Size: 612KB
Sample: 241110-bvldqawgrb
MD5: 45c3c413e070f38030046a7cd1fd34f7
SHA1: f37d180c349f97c6d8bd1817bbedceae35ff5d15
SHA256: f70543950a7ca10c6127f11f6e6554a05145c0443f58501e4155d2988bee9cca
SHA512: 986bc001ee6def5c1352ac65f97450e099563fe81322ac59c056702180acac8cfc9bbcbb1ceff2d553776acb60dd12e849708fc76ec8c12c37f079446a9a3154
SSDEEP: 12288:Qy906xccvV+/9hZiAjgB4Q3u4Koul8FRDNRzchQUxp0Q:QyHxLvV6fNjgB42uho5xYxuQ
Static task: static1
Behavioral task: behavioral1
Sample: f70543950a7ca10c6127f11f6e6554a05145c0443f58501e4155d2988bee9cca.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: f70543950a7ca10c6127f11f6e6554a05145c0443f58501e4155d2988bee9cca
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)