General
Target: 479c56d566048b547c38abbfae66e6b7dd679c012030ab4593a12a30873ff3da
Size: 701KB
Sample: 241110-bzzf5swhqh
MD5: 67446d2a011827c1a4b04aee56e3891b
SHA1: 54efb24003bcf2f68cd0ce6bc983d2be73426947
SHA256: 479c56d566048b547c38abbfae66e6b7dd679c012030ab4593a12a30873ff3da
SHA512: c3522129a8125c161a151f86d80df119908dcb15b9f4f661f940c931391fb8ea3d0243f6bf119549b613de3fe5c1f7b2bec8264acbf237482cf636519c16bd11
SSDEEP: 12288:Dy90l5em2UNGtvak4ULYHM33L8EG2/o9waqQFbGprQ9bt825Y:DyOem2UNELYHM3pGLwtEcUpj5Y
Static task: static1
Behavioral task: behavioral1
Sample: 479c56d566048b547c38abbfae66e6b7dd679c012030ab4593a12a30873ff3da.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)