General
-
Target
9ebb32ade38c26f898c85f6108e0e4efb679ddb4b85c00e601a321477cf31841
-
Size
707KB
-
Sample
241110-bwp4aswjf1
-
MD5
12bae2f9e7607766300867e0214e8f99
-
SHA1
e6e8c016de3d48b28b2eaad41dfbec415a2a528a
-
SHA256
9ebb32ade38c26f898c85f6108e0e4efb679ddb4b85c00e601a321477cf31841
-
SHA512
0157783ed21aeb54fb22555474bbf53b603086f044b7e87406f3a3b47ceab6ead3b6e2e94247e3e76132617761c5f4abf3e03d3a9451e736c4237e8e642755e9
-
SSDEEP
12288:3y90A9UvPrvhssNO91SEt8Xk34GcCSOoBy6Z/cl8J9LAlANS:3yt94dA58Xk7c6K1B99S
Static task
static1
Behavioral task
behavioral1
Sample
9ebb32ade38c26f898c85f6108e0e4efb679ddb4b85c00e601a321477cf31841.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
9ebb32ade38c26f898c85f6108e0e4efb679ddb4b85c00e601a321477cf31841
-
Size
707KB
-
MD5
12bae2f9e7607766300867e0214e8f99
-
SHA1
e6e8c016de3d48b28b2eaad41dfbec415a2a528a
-
SHA256
9ebb32ade38c26f898c85f6108e0e4efb679ddb4b85c00e601a321477cf31841
-
SHA512
0157783ed21aeb54fb22555474bbf53b603086f044b7e87406f3a3b47ceab6ead3b6e2e94247e3e76132617761c5f4abf3e03d3a9451e736c4237e8e642755e9
-
SSDEEP
12288:3y90A9UvPrvhssNO91SEt8Xk34GcCSOoBy6Z/cl8J9LAlANS:3yt94dA58Xk7c6K1B99S
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1