General
Target: 3fb3b09dc1e302e6144743b63c8635a60965c1885b7515a69ba5a912b0a95758
Size: 1.1MB
Sample: 241110-cgn35axcqb
MD5: 44738f86419fde58b9c4cfb9a562b16b
SHA1: 88634511c7a962707ca7b81e43621ef9ca2be1b2
SHA256: 3fb3b09dc1e302e6144743b63c8635a60965c1885b7515a69ba5a912b0a95758
SHA512: 55f7615a93506c2a4e56345f9f4e275d38c5a0f28428f2ba6711e8d7a97aed645bf5929f78ff9d4e76ed3541c6f5db1f3d7b284870c09b005aa0c2882fd3005b
SSDEEP: 24576:9y3gM/r0wl0s2ggVSO4ybHZbUdW13yux4Ewyfz4rvjsKfT1LEpLKypLD:Y3dz0YgVSmFL3Powywy1LEpuypL
Static task: static1
Behavioral task: behavioral1
Sample: 3fb3b09dc1e302e6144743b63c8635a60965c1885b7515a69ba5a912b0a95758.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)