General
-
Target
063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9
-
Size
480KB
-
Sample
241110-d5mqmsyjf1
-
MD5
e39434cf5c4e856517658eb4f6630cf3
-
SHA1
4be7b47bb616e197660d7eeaa8e8191f91beb5d2
-
SHA256
063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9
-
SHA512
9a7d7ee9b33da1b115035b6a301efec70665ef1e2b4cf4079aeb94427a0811ead2b7348000df12d7e45dbe44143c3f6f43882bd33dc6ea728adf46dc4dfdd53a
-
SSDEEP
12288:ZMrBy90aeqJUN8YomRR7qwyzZhlehFR1o2IlZC:wyjeqC2XhKVIy
Static task
static1
Behavioral task
behavioral1
Sample
063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9
-
Size
480KB
-
MD5
e39434cf5c4e856517658eb4f6630cf3
-
SHA1
4be7b47bb616e197660d7eeaa8e8191f91beb5d2
-
SHA256
063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9
-
SHA512
9a7d7ee9b33da1b115035b6a301efec70665ef1e2b4cf4079aeb94427a0811ead2b7348000df12d7e45dbe44143c3f6f43882bd33dc6ea728adf46dc4dfdd53a
-
SSDEEP
12288:ZMrBy90aeqJUN8YomRR7qwyzZhlehFR1o2IlZC:wyjeqC2XhKVIy
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (1)
Create or Modify System Process: Windows Service (1)
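As an added example (not part of this sandbox report and not the sandbox's own tooling), the following PowerShell hunt covers the two persistence techniques tagged above on a live host: it enumerates the Run/RunOnce keys and every Win32 service, flags entries whose image sits in a user-writable drop location or outside the Windows and Program Files trees, and hashes each image with SHA256 so that a match against the report's hash is a confirmed hit rather than a heuristic. The registry paths, the list of "suspect" drop directories and the path heuristic are assumptions chosen for illustration; run it from an elevated prompt so HKLM and all services are readable.

```powershell
# Added example: hunt Run-key (T1547.001) and service (T1543.003) persistence
# and match autostart binaries against the report's SHA256. Assumed paths and
# heuristics are marked below; they are not taken from the sandbox report.

$RunKeys = @(                                   # assumption: common autostart keys
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Assumption: directories a freshly dropped executable typically lands in.
$SuspectDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC, $env:ProgramData) |
    Where-Object { $_ }

# SHA256 of the sample from this report; a hash hit is a confirmed match.
$KnownBad = @('063a40f2e638c02ce9aa9d23c10e41e84b670fc3837ffd4f47c2db9181a6cbe9')

function Get-ExecutablePath {
    # Reduce a command line (quoted or not, with arguments) to its image path.
    param([string]$Command)
    if ($Command -match '^\s*"([^"]+)"')   { return $Matches[1] }
    if ($Command -match '^\s*(\S+\.exe)')  { return $Matches[1] }
    return $Command.Trim()
}

function Test-SuspectPath {
    # True when the image lives under one of the assumed drop directories.
    param([string]$Path)
    $expanded = [Environment]::ExpandEnvironmentVariables($Path)
    foreach ($d in $SuspectDirs) {
        if ($expanded.StartsWith($d, [StringComparison]::OrdinalIgnoreCase)) { return $true }
    }
    return $false
}

function Get-ImageHash {
    param([string]$Path)
    if ($Path -and (Test-Path -LiteralPath $Path)) {
        return (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash.ToLower()
    }
    return $null
}

function Get-RunKeyEntries {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-ItemProperty -Path $key
        foreach ($p in $item.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }      # skip provider metadata properties
            $exe = Get-ExecutablePath ([string]$p.Value)
            [PSCustomObject]@{
                Source  = $key
                Name    = $p.Name
                Command = [string]$p.Value
                Suspect = Test-SuspectPath $exe
                SHA256  = Get-ImageHash $exe
            }
        }
    }
}

function Get-ServiceEntries {
    Get-CimInstance Win32_Service | ForEach-Object {
        $exe = Get-ExecutablePath ([string]$_.PathName)
        # Assumption: legitimate service images live under \Windows or \Program Files*.
        $outsideSystem = ($exe -ne '') -and ($exe -notmatch '^[A-Za-z]:\\(Windows|Program Files)')
        [PSCustomObject]@{
            Source  = 'Service'
            Name    = $_.Name
            Command = [string]$_.PathName
            Suspect = (Test-SuspectPath $exe) -or $outsideSystem
            SHA256  = Get-ImageHash $exe
        }
    }
}

$findings = @(Get-RunKeyEntries) + @(Get-ServiceEntries)

# Report heuristic hits, and any image whose hash matches the sample, as a separate column.
$findings |
    Select-Object Source, Name, Command, Suspect,
        @{ Name = 'KnownBad'; Expression = { $KnownBad -contains $_.SHA256 } } |
    Where-Object { $_.Suspect -or $_.KnownBad } |
    Format-Table -AutoSize
```

A `KnownBad` row is actionable on its own; a `Suspect` row is only a lead, since installers and updaters legitimately run from `%ProgramData%` and `%LOCALAPPDATA%`, so pair the path heuristic with signer checks (`Get-AuthenticodeSignature`) or a hash allowlist before acting on it. The hunt reads the live registry and service control manager only; a sample that also drops a Startup-folder shortcut, which the same ATT&CK sub-technique covers, would need `shell:startup` and `shell:common startup` enumerated as well.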