General
- Target: d94f1662d50ba9ac0612eb4d3deb1979b309ed6cc341482f908d78ce08317635
- Size: 828KB
- Sample: 241110-d6yvasygle
- MD5: fc7a9c1dab84de162f367e2367ca7e6e
- SHA1: 46c79c151666b2de87b3b86a71431137e9b624e0
- SHA256: d94f1662d50ba9ac0612eb4d3deb1979b309ed6cc341482f908d78ce08317635
- SHA512: c9ee96eb6675abc74577c1492bbdf8e1b1feeffa9a944a2b9f0ffba784e0cefea6ff334938b791ad901d7829da8b266e0f35df23fc361c94ef4e5b130cc0a577
- SSDEEP: 24576:0yCAgbFAbY+xhfo9QMK7bmzMgdJKlb6o:DZgbybphfAK7bmzMgPKl2
Static task: static1
Behavioral task: behavioral1
Sample: d94f1662d50ba9ac0612eb4d3deb1979b309ed6cc341482f908d78ce08317635.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: d94f1662d50ba9ac0612eb4d3deb1979b309ed6cc341482f908d78ce08317635 (828KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)