General
- Target: 05e2c1efa5aac03629f3383665378b06cb1c3fdbe5d857f42ce7e2b490594f03
- Size: 566KB
- Sample: 241110-dhlvtsxnf1
- MD5: ebcbd34b753f19e0050d63b3ca9de90b
- SHA1: 6941987945160861ad308ff56b2041479593122d
- SHA256: 05e2c1efa5aac03629f3383665378b06cb1c3fdbe5d857f42ce7e2b490594f03
- SHA512: c75c8b6d85f7c315bcfa3c00d5a83407d6e189218c1a32ea8c73944293a6573d4bb0101656b3ddf80406dcb49ac3407427135171d96a0602e3a0f2801a03e9c2
- SSDEEP: 12288:8y90hOIPptS8p4IKWhw2Ow4GXWCSAUyPbWF9miXZtJyNictLDfs8frUQ+n27:8yqrJpi2d4iBbu9mipt4nfraO
Static task: static1
Behavioral task: behavioral1
- Sample: 05e2c1efa5aac03629f3383665378b06cb1c3fdbe5d857f42ce7e2b490594f03.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 05e2c1efa5aac03629f3383665378b06cb1c3fdbe5d857f42ce7e2b490594f03 (566KB; same sample and hashes as listed under General)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1)
    - Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1)
    - Windows Service (1)