General
-
Target
587e7011b952f115791a6713032d2b19bade4bdbecee2a4450220ef59d3dc99e
-
Size
479KB
-
Sample
241110-djkn6ayapn
-
MD5
f577caa416133c797958b9f0fef92a2f
-
SHA1
fdb3359d3b1cda1015baf6e67445945443376ba5
-
SHA256
587e7011b952f115791a6713032d2b19bade4bdbecee2a4450220ef59d3dc99e
-
SHA512
b90c01755a628d108423b52b02508a6c3c0d1fee9a2b366d26415b15b8d81069dc44caf106cbee2a20a0592435118064880158848e2a77f1027e00c5578959dc
-
SSDEEP
12288:YMrOy90Ll17wBPV11TIwFK2gQboaMADiaGqR5Gtol:GyE7SfE2vAU2qRV
Static task
static1
Behavioral task
behavioral1
Sample
587e7011b952f115791a6713032d2b19bade4bdbecee2a4450220ef59d3dc99e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
587e7011b952f115791a6713032d2b19bade4bdbecee2a4450220ef59d3dc99e
-
Size
479KB
-
MD5
f577caa416133c797958b9f0fef92a2f
-
SHA1
fdb3359d3b1cda1015baf6e67445945443376ba5
-
SHA256
587e7011b952f115791a6713032d2b19bade4bdbecee2a4450220ef59d3dc99e
-
SHA512
b90c01755a628d108423b52b02508a6c3c0d1fee9a2b366d26415b15b8d81069dc44caf106cbee2a20a0592435118064880158848e2a77f1027e00c5578959dc
-
SSDEEP
12288:YMrOy90Ll17wBPV11TIwFK2gQboaMADiaGqR5Gtol:GyE7SfE2vAU2qRV
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1