General
Target: 8f04d90bb336b50c88edd7dc03f6a4fa21989ccbb724f1778d2da870c8037c9e
Size: 697KB
Sample: 241110-cfxzmswndy
MD5: 327c8f5e0e05eaf9e9aa30532ba2d94f
SHA1: 521bf0795a335285805a9c6399861b7857604031
SHA256: 8f04d90bb336b50c88edd7dc03f6a4fa21989ccbb724f1778d2da870c8037c9e
SHA512: 7a5b45bd13314cf8973b9b9560a694ebe3bcb13b3d2ac7106fdb0e17303b1ec0253f17484108ada4ea4f6bd88a50a88d44b6114dd17a86eddd212ae7928d53b6
SSDEEP: 12288:ly90YecCo1BpJVXtABfPeCOL5nXdrTs4lCQ2TJBHMKw9Vr8Ngj4Oyb:lyNPXXkuj5nXNTUtBsKw998Ngj6
Static task: static1
Behavioral task: behavioral1
Sample: 8f04d90bb336b50c88edd7dc03f6a4fa21989ccbb724f1778d2da870c8037c9e.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 8f04d90bb336b50c88edd7dc03f6a4fa21989ccbb724f1778d2da870c8037c9e
Size: 697KB
MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the General section above (same file).
Signatures:
Detects Healer, an antivirus disabler dropper
Healer family
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
RedLine family
Executes dropped EXE
Adds Run key to start application (persistence via a registry Run key)
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1 signature
    Registry Run Keys / Startup Folder (T1547.001): 1 signature
  Create or Modify System Process (T1543): 1 signature
    Windows Service (T1543.003): 1 signature
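The two persistence techniques mapped above (a registry Run key write and a Windows service creation) are what a defender would hunt for on hosts that may have run this sample. The following Python is an added example, not part of this report or of the sandbox's own detection logic: it classifies Sysmon Event ID 13 (registry value set) and System-log Event ID 7045 (new service installed) records against those two techniques and flags payloads that live in user-writable directories. The event records are constructed for the example; field names follow the Sysmon and Service Control Manager event schemas, and the user-writable-path heuristic is an assumption of the example, not something the report states.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Registry values that cause a program to run at logon (ATT&CK T1547.001).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(RunOnce|RunServices|RunServicesOnce|Run)\\[^\\]+$",
    re.IGNORECASE,
)
# ImagePath of a service definition, written when a service is created (ATT&CK T1543.003).
SERVICE_IMAGE_RE = re.compile(
    r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$",
    re.IGNORECASE,
)
# Heuristic (an assumption of this example, not from the report): a persisted
# binary in a location a non-admin user can write to is a stronger signal than
# one under Program Files or System32.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|ProgramData|Downloads|Users\\Public)\\", re.IGNORECASE
)


@dataclass(frozen=True)
class Finding:
    technique: str    # ATT&CK technique the event maps to
    source: str       # log and event ID that produced the finding
    actor: str        # process that performed the write (service name for 7045)
    target: str       # registry value or service that was created
    payload: str      # path that will be executed at boot/logon
    suspicious: bool  # payload lives in a user-writable location


def classify_event(ev: dict) -> Optional[Finding]:
    """Map one event record to a persistence finding, or None if it is not one.

    Handles Sysmon Event ID 13 (RegistryEvent, value set) and System-log
    Event ID 7045 (Service Control Manager: a new service was installed).
    """
    eid = ev.get("EventID")
    if eid == 13:
        target = ev.get("TargetObject", "")
        payload = ev.get("Details", "")
        if RUN_KEY_RE.search(target):
            technique = "T1547.001 Registry Run Keys / Startup Folder"
        elif SERVICE_IMAGE_RE.search(target):
            # The SCM (services.exe) writes this key on behalf of whoever called
            # CreateService, so Image names services.exe rather than the malware;
            # pair this with the 7045 event or a Sysmon process-creation event.
            technique = "T1543.003 Windows Service"
        else:
            return None
        return Finding(technique, "Sysmon/13", ev.get("Image", ""), target,
                       payload, bool(USER_WRITABLE_RE.search(payload)))
    if eid == 7045:
        payload = ev.get("ImagePath", "")
        name = ev.get("ServiceName", "")
        return Finding("T1543.003 Windows Service", "System/7045", name, name,
                       payload, bool(USER_WRITABLE_RE.search(payload)))
    return None


def hunt(events: Iterable[dict]) -> List[Finding]:
    """Return every persistence finding in the event stream, in stream order."""
    return [f for f in map(classify_event, events) if f is not None]


# Constructed sample events (not real telemetry): a Run key set by a dropper in
# %TEMP%, a Run key set by a legitimate installer, a service created under
# C:\Users\Public as seen from both logs, and one unrelated registry write.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\dropper.exe",
     "TargetObject": r"HKU\S-1-5-21-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\victim\AppData\Roaming\updater.exe"},
    {"EventID": 13, "Image": r"C:\Program Files\VendorApp\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r'"C:\Program Files\VendorApp\tray.exe" --minimized'},
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\sysupd\ImagePath",
     "Details": r"C:\Users\Public\sysupd.exe"},
    {"EventID": 7045, "ServiceName": "sysupd",
     "ImagePath": r"C:\Users\Public\sysupd.exe"},
    {"EventID": 13, "Image": r"C:\Program Files\VendorApp\app.exe",
     "TargetObject": r"HKCU\SOFTWARE\VendorApp\Settings\LastRun",
     "Details": "2024-11-10"},
]


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        flag = "SUSPICIOUS" if f.suspicious else "review"
        print(f"[{flag}] {f.technique} via {f.source}: {f.actor} -> {f.target} => {f.payload}")
```

The legitimate installer's Run key is still reported (it is the same technique), but without the user-writable flag, which is the distinction an analyst triaging these events needs. Both the Sysmon 13 and the 7045 record for the service are emitted on purpose: the Sysmon event carries the registry path, the SCM event carries the service name, and correlating them on the ImagePath is what confirms a new service rather than a modification of an existing one.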