General
Target: 6b87a48bd7a130c43fdf3390582db41b28339ee8d5201cb1f72a4e65cedbc211
Size: 703KB
Sample: 241110-cgr5saxbkm
MD5: 6081d0ba87c3f11a3e7b750fbfcee821
SHA1: 9784fe16a8703583437db8e893af9b7843339ca7
SHA256: 6b87a48bd7a130c43fdf3390582db41b28339ee8d5201cb1f72a4e65cedbc211
SHA512: a650e2b2b507be8d1d8e47572687bccc0307119ffe90d25430a24c290454409557cb13938a1c16454beb3e7eebef239feee2c3a1c8aec0be56115b6bac8c3573
SSDEEP: 12288:vy90q5U4c1Je8PYZyP7wxxlVhdPf5F9mimZawbIiZtAnAPHDgIoUvk:vyHMJHYZoaVf/9miKaKMMnoU8
Static task: static1
Behavioral task: behavioral1
Sample: 6b87a48bd7a130c43fdf3390582db41b28339ee8d5201cb1f72a4e65cedbc211.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)