General
Target: b188eca8a3e52cd342a8a24b4a9ca223ecb049dd58ff4027d4c714cde50c97c3
Size: 704KB
Sample: 241110-dt3ygsycmn
MD5: f4c8cc62b48815624ba9d9a04c5d7068
SHA1: fd43d578e9e30d0d311443887d142c33fccccabd
SHA256: b188eca8a3e52cd342a8a24b4a9ca223ecb049dd58ff4027d4c714cde50c97c3
SHA512: d667b21f561255e2af136f9bd2a642cd7cd61883411f85b46a4e61a570cc4a942529b94abd04c984e31ed52c5b8a3b6abf543fa19617e7b5685edf3d3d1da6af
SSDEEP: 12288:Fy90gzcHtvBTYSb9YpQ2CR9oDFMH+mbm4/I3MKqRcmgc54JbD9f5XySxh:FynCyCq6Pn46LcMKGcBcuJbD7XyS/

Static task: static1
Behavioral task: behavioral1
Sample: b188eca8a3e52cd342a8a24b4a9ca223ecb049dd58ff4027d4c714cde50c97c3.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: b188eca8a3e52cd342a8a24b4a9ca223ecb049dd58ff4027d4c714cde50c97c3
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1
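The two things a responder takes from this report are the file digests and the Run-key persistence signature (T1547.001). The following PowerShell is an added example for triaging a host against them; it is not part of the sandbox report and not code from the sample. The suspect file path, the list of directories treated as user-writable, and the choice of Run/RunOnce keys are my assumptions. Get-FileHash has no SSDEEP support, so fuzzy matching against the SSDEEP value above would need a separate tool.

```powershell
# Added example (not from the report): match a file against the report's digests
# and audit Run/RunOnce keys for entries launching from user-writable paths.
# Run in an elevated PowerShell on the host being checked.

$Iocs = @{
    MD5    = 'f4c8cc62b48815624ba9d9a04c5d7068'
    SHA1   = 'fd43d578e9e30d0d311443887d142c33fccccabd'
    SHA256 = 'b188eca8a3e52cd342a8a24b4a9ca223ecb049dd58ff4027d4c714cde50c97c3'
}

function Test-IocMatch {
    param([Parameter(Mandatory)][string]$Path)
    # One matching digest identifies the file; computing all three rules out
    # a false match built on a single weak algorithm.
    foreach ($alg in $Iocs.Keys) {
        $h = (Get-FileHash -Path $Path -Algorithm $alg).Hash.ToLower()
        [pscustomobject]@{ Algorithm = $alg; Hash = $h; Match = ($h -eq $Iocs[$alg]) }
    }
}

function Get-RunKeyEntries {
    # The "Adds Run key to start application" signature maps to T1547.001.
    # Enumerate user and machine Run/RunOnce keys and flag values whose
    # executable sits under a user-writable root (assumed list below).
    $keys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
    )
    # Assumption: these prefixes count as user-writable for triage purposes.
    $suspiciousRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:ProgramData, $env:USERPROFILE)

    foreach ($key in $keys) {
        $item = Get-Item -Path $key -ErrorAction SilentlyContinue
        if (-not $item) { continue }
        foreach ($name in $item.GetValueNames()) {
            $cmd = [string]$item.GetValue($name)
            # Recover the launched executable: quoted path first, else first token.
            if ($cmd -match '^"([^"]+)"') { $exe = $Matches[1] } else { $exe = ($cmd -split '\s+')[0] }
            $flag = $false
            foreach ($root in $suspiciousRoots) {
                if ($root -and $exe.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) { $flag = $true }
            }
            [pscustomobject]@{ Key = $key; Name = $name; Command = $cmd; Suspicious = $flag }
        }
    }
}

# Usage (path is a placeholder):
# Test-IocMatch -Path 'C:\cases\sample.exe' | Format-Table -AutoSize
# Get-RunKeyEntries | Where-Object Suspicious | Format-Table -AutoSize
```

A Run-key entry pointing into %APPDATA% or %TEMP% is not proof of this sample, only a lead; confirm by hashing the referenced file with Test-IocMatch, and remember that "Executes dropped EXE" means the file the Run key launches may differ from the 704KB dropper whose digests the report lists.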