General
-
Target
dd1fa2391bdbf81baedbdd72659a6aebc24b3cbbfb2ec06d85109eea01560615N
-
Size
623KB
-
Sample
241110-dgkldaybpe
-
MD5
7147d34e69aa8045fae7f78a601f6c20
-
SHA1
924a8b50bef52ba2b6af24ddff1be34b7c602684
-
SHA256
dd1fa2391bdbf81baedbdd72659a6aebc24b3cbbfb2ec06d85109eea01560615
-
SHA512
17fbe6e4327fce538036a3ab68d0ce75c6c56c989ccede218d7cdc792a9152676993abfecb53d9ff98614bbd66553d54a63ebd5ee2a88b4e135e81e7c3e3f82b
-
SSDEEP
12288:hy90MYQqlj1SM8slHif+sfXA76Vwu+mDZnF8KU2TTSjK:hyGzR99OvE6uu+IUEmjK
Static task
static1
Behavioral task
behavioral1
Sample
dd1fa2391bdbf81baedbdd72659a6aebc24b3cbbfb2ec06d85109eea01560615N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
dd1fa2391bdbf81baedbdd72659a6aebc24b3cbbfb2ec06d85109eea01560615N
-
Size
623KB
-
MD5
7147d34e69aa8045fae7f78a601f6c20
-
SHA1
924a8b50bef52ba2b6af24ddff1be34b7c602684
-
SHA256
dd1fa2391bdbf81baedbdd72659a6aebc24b3cbbfb2ec06d85109eea01560615
-
SHA512
17fbe6e4327fce538036a3ab68d0ce75c6c56c989ccede218d7cdc792a9152676993abfecb53d9ff98614bbd66553d54a63ebd5ee2a88b4e135e81e7c3e3f82b
-
SSDEEP
12288:hy90MYQqlj1SM8slHif+sfXA76Vwu+mDZnF8KU2TTSjK:hyGzR99OvE6uu+IUEmjK
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1