General

Target: f00f90730a46228e0bab05ff077aebfdfb79165fc096655d13f30584409659fd
Size: 558KB
Sample: 241110-bwtrgswhkc
MD5: c0583367913cb3bfacec39190df16ae5
SHA1: 1db6cda937e2d14c628bc885bbae2527a649ca7e
SHA256: f00f90730a46228e0bab05ff077aebfdfb79165fc096655d13f30584409659fd
SHA512: 847a2286faafe0b54a77d626583a434c26b5e1d0f14ae45a1b0189ce6f97deb54a9eac0f6130d716623775ebb2f836f17e061855c0228094b1c8a636dbea0a86
SSDEEP: 12288:ey90D6z6bdu8T57RHHJeNFps6BpDomaixIB7FyEOysYg:eyfz6b9T57RJefMwO+J
Static task: static1
Behavioral task: behavioral1
Sample: f00f90730a46228e0bab05ff077aebfdfb79165fc096655d13f30584409659fd.exe
Resource: win10v2004-20241007-en
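The hashes above are the only thing that ties a file on an analyst's disk to this report. The script below is an added example, not part of the report or of any sandbox tool: it takes the report's MD5/SHA1/SHA256/SHA512 values, reads a candidate file once while feeding all four hashers, and distinguishes a real mismatch from a copied indicator that is internally inconsistent (SHA-256 agrees but a weaker hash does not). The function names and the three verdict strings are this example's own choices. SSDEEP is left out because it needs a third-party library (ssdeep/ppdeep) and a similarity score rather than an equality test.

```python
"""Check a quarantined file against the hash indicators of a sandbox report.

Added example, not part of the report or of any sandbox tool.  The expected
values are the MD5/SHA1/SHA256/SHA512 from the General section above; the
file is read once and fed to all four hashers in parallel, so a large sample
is not re-read per algorithm.
"""
import hashlib
import io

# Indicators copied from the report's General section.
REPORT_HASHES = {
    "md5": "c0583367913cb3bfacec39190df16ae5",
    "sha1": "1db6cda937e2d14c628bc885bbae2527a649ca7e",
    "sha256": "f00f90730a46228e0bab05ff077aebfdfb79165fc096655d13f30584409659fd",
    "sha512": ("847a2286faafe0b54a77d626583a434c26b5e1d0f14ae45a1b0189ce6f97deb5"
               "4a9eac0f6130d716623775ebb2f836f17e061855c0228094b1c8a636dbea0a86"),
}


def digest_stream(stream, chunk_size: int = 1 << 20) -> dict:
    """Run every algorithm in REPORT_HASHES over a binary stream in one pass."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file on disk without loading it fully into memory."""
    with open(path, "rb") as fh:
        return digest_stream(fh, chunk_size)


def digest_bytes(data: bytes, chunk_size: int = 1 << 20) -> dict:
    """Same as digest_file for an in-memory blob (used for self-checks)."""
    return digest_stream(io.BytesIO(data), chunk_size)


def verdict(observed: dict, expected: dict) -> str:
    """Compare per algorithm; hex case differs between report sources, so normalise it.

    Three outcomes (names chosen for this example): every algorithm agrees
    ('match'); SHA-256 agrees but a weaker hash does not, which points at a
    typo or truncation in the copied indicator rather than at the file
    ('report-inconsistent'); anything else is 'mismatch'.
    """
    results = {name: observed[name].lower() == expected[name].lower() for name in expected}
    if all(results.values()):
        return "match"
    if results.get("sha256"):
        return "report-inconsistent"
    return "mismatch"


if __name__ == "__main__":
    import sys
    observed = digest_file(sys.argv[1])
    for name, value in observed.items():
        print(f"{name:6} {value}  {'OK' if value == REPORT_HASHES[name] else 'DIFF'}")
    print("verdict:", verdict(observed, REPORT_HASHES))
```

Run it as `python check_hashes.py sample.exe` (script name is arbitrary). A `report-inconsistent` result means the indicators you pasted do not describe a single file; go back to the report rather than the sample.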
Malware Config
Targets
Target: f00f90730a46228e0bab05ff077aebfdfb79165fc096655d13f30584409659fd (558KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)
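The two persistence techniques above (a Run key write, T1547.001, and a service definition, T1543.003) both show up as registry value-set events on a monitored host. The script below is an added example, not part of the report or of any vendor tool, showing the detection logic over a handful of log lines. The lines are constructed: they imitate Sysmon Event ID 13 (RegistryEvent, value set) records flattened to one line per event and reuse Sysmon's field names (Image, TargetObject, Details), but every path, process name, service name and SID in them is made up. The severity rule (launch path in a user-writable directory scores higher) is this example's own heuristic and is not something the report states about this sample.

```python
"""Flag Run-key and service persistence in registry value-set events.

Added example, not part of the sandbox report or any vendor tool.  The log
lines are constructed to look like Sysmon Event ID 13 records flattened to
one line each; field names follow Sysmon, values are invented.
"""
import re

CONSTRUCTED_LOG = r"""
EventID=13 Image=C:\Users\bob\AppData\Local\Temp\sample.exe TargetObject=HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater Details=C:\Users\bob\AppData\Roaming\svc\updater.exe
EventID=13 Image=C:\Windows\System32\services.exe TargetObject=HKLM\System\CurrentControlSet\Services\WinDefendHelper\ImagePath Details=C:\ProgramData\helper\helper.exe
EventID=13 Image=C:\Windows\System32\svchost.exe TargetObject=HKLM\System\CurrentControlSet\Services\Schedule\Start Details=DWORD (0x00000002)
EventID=13 Image=C:\Program Files\Vendor\setup.exe TargetObject=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray Details="C:\Program Files\Vendor\tray.exe"
EventID=1 Image=C:\Users\bob\AppData\Local\Temp\sample.exe CommandLine=sample.exe
""".strip()

# Autostart value under a Run/RunOnce key (T1547.001).  Matches HKLM, HKCU and
# Sysmon's per-user HKU\<SID>\... form, with or without Wow6432Node.
RUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\"
    r"(Run|RunOnce|RunOnceEx)\\([^\\]+)$", re.I)

# ImagePath of a service being created or repointed (T1543.003).
SERVICE_IMAGE = re.compile(
    r"^HKLM\\System\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\([^\\]+)\\ImagePath$", re.I)

# Locations a standard user can write to.  A launch path here is the usual
# dropper pattern, so it gets a higher severity than a Program Files path
# (heuristic chosen for this example).
USER_WRITABLE = re.compile(
    r"\\(?:Users\\[^\\]+\\AppData|Users\\Public|ProgramData|Windows\\Temp)\\", re.I)


def parse_event(line: str) -> dict:
    """Split 'Key=Value Key=Value' where values themselves may contain spaces."""
    fields = {}
    for token in re.split(r" (?=[A-Za-z]+=)", line.strip()):
        key, _, value = token.partition("=")
        fields[key] = value
    return fields


def find_persistence(log_text: str) -> list:
    """Return one finding per Run-key value or service ImagePath that was set."""
    findings = []
    for line in log_text.splitlines():
        ev = parse_event(line)
        if ev.get("EventID") != "13":
            continue
        target = ev.get("TargetObject", "")
        payload = ev.get("Details", "").strip('"')
        m = RUN_KEY.search(target)
        if m:
            technique, what = "T1547.001", f"{m.group(1)} value '{m.group(2)}'"
        else:
            m = SERVICE_IMAGE.match(target)
            if not m:
                continue
            technique, what = "T1543.003", f"service '{m.group(1)}' ImagePath"
        findings.append({
            "technique": technique,
            "what": what,
            "writer": ev.get("Image", ""),
            "payload": payload,
            "severity": "high" if USER_WRITABLE.search(payload) else "low",
        })
    return findings


if __name__ == "__main__":
    for f in find_persistence(CONSTRUCTED_LOG):
        print(f"[{f['severity']}] {f['technique']} {f['what']} -> {f['payload']} "
              f"(written by {f['writer']})")
```

The third constructed line (a Start value under an existing service) is deliberately not flagged: only the ImagePath write is the persistence event. Changing a service's start type is worth its own rule but is a different signal.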