General
Target: 41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35
Size: 966KB
Sample: 241110-d93yesyhjb
MD5: cfcc5f5c0c74354bb9d7190becb4bf7a
SHA1: 4b913e499a0ce6b87ff64f225c41336d943413c6
SHA256: 41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35
SHA512: 0bff45aec27824d4b695096db43eb92c917019c92b5aff4d1791f2448cc5de6a47520ce08a6a1e4a1dc958fbb9bff04422540e6a7501ae27b1b0fbc79c934553
SSDEEP: 24576:7yFI+6xw2JKFJ+mbX4hQGc07vFcVh9usAD5IPtjv:uDCwFFtb4hQNYvihRAyPJ
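Added example, not part of the report: a small matcher that streams a file through the four digest algorithms the report lists and tells you which of them agree with the report's values. The hash values are copied from the General section above (the Target field is the sample's SHA-256); everything else (function names, the chunk size, the empty-input check) is an assumption of this example. SSDEEP is omitted because it is not in the Python standard library.

```python
import hashlib
import io

# IOCs copied from the report's General section.
REPORT_IOCS = {
    "md5": "cfcc5f5c0c74354bb9d7190becb4bf7a",
    "sha1": "4b913e499a0ce6b87ff64f225c41336d943413c6",
    "sha256": "41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35",
    "sha512": "0bff45aec27824d4b695096db43eb92c917019c92b5aff4d1791f2448cc5de6a"
              "47520ce08a6a1e4a1dc958fbb9bff04422540e6a7501ae27b1b0fbc79c934553",
}
ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_stream(fileobj, chunk_size=1 << 20):
    """Feed one pass over the stream into all four hashers (1 MiB chunks, assumed)."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    while True:
        chunk = fileobj.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    """Convenience wrapper for in-memory data (used by the tests)."""
    return hash_stream(io.BytesIO(data))


def hash_file(path: str) -> dict:
    """Hash a file on disk without loading it whole into memory."""
    with open(path, "rb") as f:
        return hash_stream(f)


def match_iocs(digests: dict, iocs: dict = REPORT_IOCS) -> set:
    """Return the set of algorithms whose digest equals the report's value.

    A SHA-256 or SHA-512 match identifies the sample. An MD5 or SHA-1 match on
    its own is only a lead: both algorithms are collision-broken, so treat a
    lone MD5/SHA-1 hit as a reason to pull the file, not as confirmation.
    """
    return {
        name for name in ALGOS
        if name in digests and name in iocs
        and digests[name].lower() == iocs[name].lower()
    }


def is_report_sample(digests: dict, iocs: dict = REPORT_IOCS) -> bool:
    """True only when a collision-resistant digest matches."""
    return bool(match_iocs(digests, iocs) & {"sha256", "sha512"})


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        d = hash_file(path)
        print(path, sorted(match_iocs(d)) or "no match", is_report_sample(d))
```

Usage: `python iocmatch.py suspicious.exe` prints which digests agree with the report. Matching on the lowercased hex avoids false negatives when a SIEM or ticket stored the hash in upper case.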
Static task: static1
Behavioral task: behavioral1
Sample: 41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35
Size: 966KB
MD5: cfcc5f5c0c74354bb9d7190becb4bf7a
SHA1: 4b913e499a0ce6b87ff64f225c41336d943413c6
SHA256: 41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35
SHA512: 0bff45aec27824d4b695096db43eb92c917019c92b5aff4d1791f2448cc5de6a47520ce08a6a1e4a1dc958fbb9bff04422540e6a7501ae27b1b0fbc79c934553
SSDEEP: 24576:7yFI+6xw2JKFJ+mbX4hQGc07vFcVh9usAD5IPtjv:uDCwFFtb4hQNYvihRAyPJ
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547), 1 hit: Registry Run Keys / Startup Folder (T1547.001), 1 hit
- Create or Modify System Process (T1543), 1 hit: Windows Service (T1543.003), 1 hit
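Added example, not part of the report: detection logic for the three behaviours the signatures and ATT&CK mapping above describe (a dropped executable being run, a Run key pointing at a user-writable path, and a service installed from a user-writable path), run over a handful of constructed Sysmon and System-log style events. The event records, file names, SID and service name are invented for illustration; the field names follow Sysmon Event ID 1/11/13 and Service Control Manager Event ID 7045, but the sample's real on-disk names and registry value names are not in the report.

```python
import re

# Constructed events for illustration only; nothing here is taken from the
# sandbox trace. Paths, SID and service name are hypothetical.
SAMPLE_EXE = r"C:\Users\victim\Downloads\41de133de455f7100695f2453fa8880498c5f01f47799bbb4c19bc10e3c7ba35.exe"
DROPPED_EXE = r"C:\Users\victim\AppData\Local\Temp\svc_update.exe"

EVENTS = [
    # Sysmon 11 (FileCreate): the sample writes a second executable to %TEMP%
    {"EventID": 11, "Image": SAMPLE_EXE, "TargetFilename": DROPPED_EXE},
    # Sysmon 1 (ProcessCreate): the dropped file is executed by the sample
    {"EventID": 1, "Image": DROPPED_EXE, "ParentImage": SAMPLE_EXE},
    # Sysmon 13 (RegistryEvent): dropped EXE registers itself under HKCU\...\Run
    {"EventID": 13, "Image": DROPPED_EXE,
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\svc_update",
     "Details": DROPPED_EXE},
    # Benign Run value pointing into Program Files: must not fire
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"C:\Program Files\Windows Defender\MSASCuiL.exe"},
    # System log 7045 (service installed) with its binary in %TEMP%
    {"EventID": 7045, "ServiceName": "UpdateSvc", "ImagePath": DROPPED_EXE},
    # Ordinary process start from Program Files: must not fire
    {"EventID": 1, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

# Run / RunOnce under any hive (HKLM, HKU\<SID>, Wow6432Node are all covered).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)
# Locations an unprivileged user can write to; a persistence target there is
# far more suspicious than one under Program Files or System32.
USER_WRITABLE_RE = re.compile(
    r"\\(Users\\[^\\]+\\AppData|Temp|ProgramData|Users\\Public)\\", re.IGNORECASE)


def _norm(path: str) -> str:
    """Case-fold and strip quotes so Image and TargetFilename compare equal."""
    return path.strip('"').lower()


def find_dropped_exe_executions(events):
    """'Executes dropped EXE': a ProcessCreate whose Image was a FileCreate target earlier."""
    dropped, hits = set(), []
    for ev in events:
        if ev["EventID"] == 11 and _norm(ev["TargetFilename"]).endswith(".exe"):
            dropped.add(_norm(ev["TargetFilename"]))
        elif ev["EventID"] == 1 and _norm(ev["Image"]) in dropped:
            hits.append({"technique": "Executes dropped EXE",
                         "image": ev["Image"], "parent": ev["ParentImage"]})
    return hits


def find_run_key_persistence(events):
    """T1547.001: a Run/RunOnce value whose data points at a user-writable path."""
    return [
        {"technique": "T1547.001 Registry Run Keys / Startup Folder",
         "key": ev["TargetObject"], "value": ev["Details"], "writer": ev["Image"]}
        for ev in events
        if ev["EventID"] == 13
        and RUN_KEY_RE.search(ev["TargetObject"])
        and USER_WRITABLE_RE.search(ev["Details"])
    ]


def find_service_persistence(events):
    """T1543.003: a newly installed service whose binary lives in a user-writable path."""
    return [
        {"technique": "T1543.003 Windows Service",
         "service": ev["ServiceName"], "image": ev["ImagePath"]}
        for ev in events
        if ev["EventID"] == 7045 and USER_WRITABLE_RE.search(ev["ImagePath"])
    ]


def triage(events):
    """Run all three detections and return the combined findings."""
    return (find_dropped_exe_executions(events)
            + find_run_key_persistence(events)
            + find_service_persistence(events))


if __name__ == "__main__":
    for finding in triage(EVENTS):
        print(finding)
```

The user-writable-path filter is what keeps the benign SecurityHealth Run value quiet; drop it if you would rather review every Run key write, and extend RUN_KEY_RE with the Explorer Shell Folders keys if you also want the Startup-folder half of T1547.001.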