General
Target: 2d75a46d630cd1afee198e1ee598667e115509f7174e94ca1fd291c46341ad91
Size: 695KB
Sample: 241110-d67r7sykaw
MD5: 8fc505222d3222792af7ca19a4119a67
SHA1: 5e8146a3bc3914f8ba1904c1cd927aa629f0c330
SHA256: 2d75a46d630cd1afee198e1ee598667e115509f7174e94ca1fd291c46341ad91
SHA512: aa6cf3a6cefcf7dd35db3ba5a30e5a66e8d9707a4e91fe90017fa531d3217da5c44c283f238bfbd2658868288d91a3223f0409144dfe01d54602f2f86e5d3c4c
SSDEEP: 12288:ry903e2OJ7l+88L03R8vbvJ/EL7HUStqxkdWq4SbZe7ZV72tm:ry17l+nA3mLN47HUrkBbZUZh5
Static task: static1
Behavioral task: behavioral1
Sample: 2d75a46d630cd1afee198e1ee598667e115509f7174e94ca1fd291c46341ad91.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2d75a46d630cd1afee198e1ee598667e115509f7174e94ca1fd291c46341ad91
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)