General
- Target: e16e6e348f270653921e0c1e33a75777769f851aa4c02e362e4f281e8762846bN
- Size: 608KB
- Sample: 241110-bxy3lawhlc
- MD5: 3507e3debab92fabc40f213361a2bc50
- SHA1: 43ca9016b65206490873a2908238186e025e24d8
- SHA256: e16e6e348f270653921e0c1e33a75777769f851aa4c02e362e4f281e8762846b
- SHA512: 8c88d27401ec657eb79425f2f8a4565806ba4918a234213cf250c7670e3c003b3511b17af7c4192713b8f3de2cbc913a20cebd956a6823a777390d922c8e0814
- SSDEEP: 12288:Xy90hFZ5ThV6oMPGO5tU57ttyLNtC3x5zUInDaMFwv/:Xy4Z5ThY/OO5tUNtINtCnzUI8n

Static task: static1
Behavioral task: behavioral1
- Sample: e16e6e348f270653921e0c1e33a75777769f851aa4c02e362e4f281e8762846bN.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application

MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)