General
Target: 42d36d80c9d4ded35ce53bd8f4aef01ff4a5e8cf36e1d2bfb6e071cca86bfa76N
Size: 612KB
Sample: 241110-cg3xaaxcqg
MD5: 5cc0274b86b54773e0246e17af2c8450
SHA1: b4a600a7724104ccad63605763a1ad56984c7b98
SHA256: 42d36d80c9d4ded35ce53bd8f4aef01ff4a5e8cf36e1d2bfb6e071cca86bfa76
SHA512: 0b4717193d717eba23453a3e4dedbbbdfe59f803ef45de03ae78d6f31134e8a98b6b71fb86e514677908a7d6e750b171b57fb1f7aeb08e1a61426e99b81a12c8
SSDEEP: 12288:4y90oNjOMlpD0nrBhZmhsg4ewNTdI7PKPUnwdMciwq208A/yRgKx:4yxNjTcHUw5K7PKPUnKMcXCfqL
Static task: static1
Behavioral task: behavioral1
Sample: 42d36d80c9d4ded35ce53bd8f4aef01ff4a5e8cf36e1d2bfb6e071cca86bfa76N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 42d36d80c9d4ded35ce53bd8f4aef01ff4a5e8cf36e1d2bfb6e071cca86bfa76N
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
- Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
- Windows Service (T1543.003): 1
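One way to look for the "Adds Run key to start application" and Windows Service persistence behaviours listed above in endpoint telemetry, as an added example that is not code from the sandbox report or from any vendor tool: it parses Sysmon Event ID 13 (registry value set) records, picks out writes to Run/RunOnce values and to service ImagePath values, and flags entries whose executable lives in a user-writable directory, which is the footprint a dropper leaves when it executes a dropped EXE and then registers it for autostart. The flattened Key=Value|Key=Value record format, process names, paths and SIDs are constructed for the example; real Sysmon output is XML/EVTX and needs a different parser in front of this logic.

```python
"""Autostart-detection helper (added example; not from the sandbox report or any vendor tool).
Scans constructed Sysmon Event ID 13 records for Run/RunOnce and service ImagePath writes
and flags autostart binaries that live in user-writable locations."""
import re
from dataclasses import dataclass

# Run / RunOnce values under HKLM or any HKU hive (ATT&CK T1547.001).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)\\([^\\]+)$", re.IGNORECASE)
# Service binary path under the services tree (ATT&CK T1543.003).
SERVICE_IMAGEPATH_RE = re.compile(r"\\Services\\([^\\]+)\\ImagePath$", re.IGNORECASE)
# Heuristic list of directories a standard user can write to; a persistent
# binary in one of them deserves a look. Extend to taste.
USER_WRITABLE_RE = re.compile(
    r"^[A-Z]:\\(?:Users\\[^\\]+\\(?:AppData\\(?:Local|Roaming)|Downloads|Desktop)"
    r"|Users\\Public|Windows\\Temp)\\",
    re.IGNORECASE,
)


@dataclass(frozen=True)
class Finding:
    kind: str            # "run_key" or "service"
    name: str            # Run value name or service name
    writer: str          # process image that wrote the registry value
    exe: str             # executable the autostart entry launches
    user_writable: bool  # exe resides in a user-writable directory


def parse_event(line: str) -> dict:
    """Parse one constructed 'Key=Value|Key=Value' record into a dict."""
    return dict(field.split("=", 1) for field in line.split("|") if "=" in field)


def exe_from_command(command: str) -> str:
    """Return the executable part of a registry command string.
    Quoted paths are honoured; an unquoted path is cut at the first space,
    the same ambiguity Windows resolves when it launches the value."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    return command.split(" ", 1)[0]


def autostart_findings(lines):
    """Return a Finding for every Event 13 record that sets an autostart value."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "13":
            continue
        target = ev.get("TargetObject", "")
        match = RUN_KEY_RE.search(target)
        kind = "run_key"
        if match is None:
            match = SERVICE_IMAGEPATH_RE.search(target)
            kind = "service"
        if match is None:
            continue
        exe = exe_from_command(ev.get("Details", ""))
        findings.append(Finding(kind, match.group(1), ev.get("Image", ""), exe,
                                bool(USER_WRITABLE_RE.match(exe))))
    return findings


def suspicious(findings):
    """Autostart entries whose binary sits in a user-writable location."""
    return [f for f in findings if f.user_writable]


# Constructed records (not from the report): one dropper-style Run value, one
# legitimate quoted entry with an argument, one service ImagePath in %TEMP%,
# and one process-create event that must be ignored.
SAMPLE_EVENTS = [
    "EventID=13|Image=C:\\Users\\alice\\AppData\\Local\\Temp\\setup.exe"
    "|TargetObject=HKU\\S-1-5-21-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"
    "|Details=C:\\Users\\alice\\AppData\\Roaming\\Updater\\updater.exe",
    "EventID=13|Image=C:\\Windows\\System32\\msiexec.exe"
    "|TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorTray"
    "|Details=\"C:\\Program Files\\Vendor\\tray.exe\" /background",
    "EventID=13|Image=C:\\Windows\\System32\\services.exe"
    "|TargetObject=HKLM\\System\\CurrentControlSet\\Services\\WinSvcHelper\\ImagePath"
    "|Details=C:\\Windows\\Temp\\helper.exe",
    "EventID=1|Image=C:\\Users\\alice\\AppData\\Local\\Temp\\setup.exe|CommandLine=setup.exe",
]

if __name__ == "__main__":
    for f in suspicious(autostart_findings(SAMPLE_EVENTS)):
        print(f"{f.kind}: {f.name} -> {f.exe} (written by {f.writer})")
```

On the constructed input the Run value "Updater" and the service "WinSvcHelper" are flagged, while the quoted Program Files entry is parsed correctly and left alone; the process-create record is skipped because only Event 13 carries a registry write.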