General
-
Target
c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed
-
Size
936KB
-
Sample
241110-dhhheayamk
-
MD5
c89a46d225214c2a7983f3c5c7cac159
-
SHA1
5ed7c2aaa31eb1c8402c9acc2a0844926228ecb3
-
SHA256
c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed
-
SHA512
5fb28d1d6e7fd6d1e34b95c170cb93c18ed6ee3ea5c76923f1d6d138d1097077d883545ea9f70966453784886ba34680ab7b5ad3d9ae240d1b9bd01a9c4f2b05
-
SSDEEP
24576:iyzQ6buTxoU+Lps1JdPJ2I98vi188NkKXR1WTPW:JzoTxoU+EdLJ186h4
Static task
static1
Behavioral task
behavioral1
Sample
c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed
-
Size
936KB
-
MD5
c89a46d225214c2a7983f3c5c7cac159
-
SHA1
5ed7c2aaa31eb1c8402c9acc2a0844926228ecb3
-
SHA256
c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed
-
SHA512
5fb28d1d6e7fd6d1e34b95c170cb93c18ed6ee3ea5c76923f1d6d138d1097077d883545ea9f70966453784886ba34680ab7b5ad3d9ae240d1b9bd01a9c4f2b05
-
SSDEEP
24576:iyzQ6buTxoU+Lps1JdPJ2I98vi188NkKXR1WTPW:JzoTxoU+EdLJ186h4
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
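As an added example (not code from the sandbox report, nor from any analysis of the Healer or RedLine families), the Python below turns this page into something a responder can run: it hashes a file with the four algorithms listed above and reports which indicators match, then parses a `.reg` export of the Run keys for the autostart entry the behavioural task reports ("Adds Run key to start application", T1547.001). The `SAMPLE_REG_EXPORT` text, the value names in it and the "user-writable directory" heuristic are constructed for illustration and are not observed values from this sample.

```python
import hashlib
import re

# Hashes exactly as listed in the report above for this sample.
IOC_HASHES = {
    "md5": "c89a46d225214c2a7983f3c5c7cac159",
    "sha1": "5ed7c2aaa31eb1c8402c9acc2a0844926228ecb3",
    "sha256": "c3b4d41725a9a97fab0309d2d45f6f0e2c6df5fc12360b69d2de2d4704b3cbed",
    "sha512": "5fb28d1d6e7fd6d1e34b95c170cb93c18ed6ee3ea5c76923f1d6d138d1097077"
              "d883545ea9f70966453784886ba34680ab7b5ad3d9ae240d1b9bd01a9c4f2b05",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Hex digests of data for every algorithm the report lists (ssdeep omitted)."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def matching_iocs(data: bytes, iocs: dict = IOC_HASHES) -> list:
    """Names of algorithms whose digest of data equals the indicator; [] if clean."""
    digests = hash_bytes(data)
    return [name for name, value in iocs.items() if digests.get(name) == value.lower()]


def scan_file(path: str, iocs: dict = IOC_HASHES) -> list:
    """Read a file from disk and match it against the indicators."""
    with open(path, "rb") as fh:
        return matching_iocs(fh.read(), iocs)


# Persistence: the report flags a Run key being added (Registry Run Keys / Startup Folder).
RUN_KEYS = (
    r"hkey_current_user\software\microsoft\windows\currentversion\run",
    r"hkey_local_machine\software\microsoft\windows\currentversion\run",
)
# Heuristic (assumption, not from the report): autostart entries that launch
# from user-writable locations deserve a second look.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\")

_VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"$')


def parse_reg_run_entries(reg_text: str) -> list:
    """Parse a .reg export; return (key, value_name, command) for values under Run keys."""
    entries = []
    current_key = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current_key = line[1:-1]
            continue
        if current_key is None or current_key.lower() not in RUN_KEYS:
            continue
        m = _VALUE_RE.match(line)
        if m:
            # .reg files escape backslashes and embedded quotes with a backslash.
            command = re.sub(r"\\(.)", r"\1", m.group(2))
            entries.append((current_key, m.group(1), command))
    return entries


def command_executable(command: str) -> str:
    """Executable part of a command line: the quoted path, or the text before the first space."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    return command.split(" ", 1)[0]


def suspicious_run_entries(entries: list) -> list:
    """Entries whose executable lives in a user-writable directory (heuristic)."""
    flagged = []
    for key, name, command in entries:
        exe = command_executable(command).lower()
        if any(marker in exe for marker in USER_WRITABLE):
            flagged.append((key, name, exe))
    return flagged


# Constructed registry export for demonstration; the value names and paths are made up.
SAMPLE_REG_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Program Files\\Microsoft OneDrive\\OneDrive.exe\" /background"
"WindowsUpdate"="C:\\Users\\victim\\AppData\\Roaming\\svchost.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall]
"Ignored"="C:\\Users\\victim\\AppData\\Local\\not_a_run_key.exe"
'''

if __name__ == "__main__":
    print("IOC match on placeholder bytes:", matching_iocs(b"not the sample"))
    for hit in suspicious_run_entries(parse_reg_run_entries(SAMPLE_REG_EXPORT)):
        print("suspicious autostart:", hit)
```

The SSDEEP value from the report is deliberately left out: fuzzy-hash comparison needs the `ssdeep` library rather than `hashlib`, and a threshold decision that depends on the use case. Run `scan_file("suspect.exe")` against a quarantined copy, and feed `parse_reg_run_entries` the output of `reg export HKCU\Software\Microsoft\Windows\CurrentVersion\Run run.reg` from the host under investigation.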