General
Target: c52f5483f565321cd9b165afe0b55ff52f85b5b1f17646fe2215e1b3ad831bda
Size: 828KB
Sample: 241110-dhyvdsxngt
MD5: 569a46f2effbb812b298698f895989e9
SHA1: 379da4ad055c26479ad85e71e87a01626b6759ad
SHA256: c52f5483f565321cd9b165afe0b55ff52f85b5b1f17646fe2215e1b3ad831bda
SHA512: cb6235228fc6ed4e090db53537f7b9774a6b0f700d4dcc00404c274b8fc6c04a97830dfd3aceec1a081fddeb381c30e9f731cffa7da74b048fba0f7bf924517a
SSDEEP: 24576:UyQ2v85KRYm0anJ1FyxpPSbpXEmbrNY4ln:jQ205ban8xpP+XEmbht
Static task: static1
Behavioral task: behavioral1
Sample: c52f5483f565321cd9b165afe0b55ff52f85b5b1f17646fe2215e1b3ad831bda.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)