General
- Target: bec0caa38bcc699ed47213647853567f07fa5d6b924e70db36777f2505ae97af
- Size: 560KB
- Sample: 241110-dwl3raycpr
- MD5: 74c33c318d02da50677aadb7deee19a7
- SHA1: c55f6db0b387b9f942e4fcd33d172d50d2fdcc5b
- SHA256: bec0caa38bcc699ed47213647853567f07fa5d6b924e70db36777f2505ae97af
- SHA512: d6daa2f8f767e6a50154ec079e69a398a00ded1b4d31db2367fc57ff5a3e25fe4f89656826cd5f846b44fb154654879b362617c107ecb4ba20c605432c56da61
- SSDEEP: 12288:3y90mMBJdigBZqIWRuf6x3dphZPpFTg1BrudVJWkuor7vBHdgK:3yAzP+INf01d+Nil9gK
Static task
- static1
Behavioral task
- behavioral1
- Sample: bec0caa38bcc699ed47213647853567f07fa5d6b924e70db36777f2505ae97af.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: bec0caa38bcc699ed47213647853567f07fa5d6b924e70db36777f2505ae97af
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1
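The two behavioural signatures above ("Executes dropped EXE" and "Adds Run key to start application", the latter mapped to T1547.001) are the kind of thing a defender re-derives from endpoint telemetry rather than from the sandbox alone. The following is an added example, not the sandbox's own detection logic and not code from this report: it replays constructed Sysmon-style events (EventID 11 FileCreate, 1 ProcessCreate, 13 RegistryEvent value set) and returns what each signature would fire on. Only the Sysmon field names are real; every path, process name, SID and registry value in `SAMPLE_EVENTS` is invented for the example.

```python
"""Added example: re-derive "Executes dropped EXE" and "Adds Run key to start
application" from Sysmon-shaped events. Field names follow Sysmon (Image,
TargetFilename, TargetObject, Details); all event contents are constructed."""
import re

# Constructed telemetry in the order a sandbox would record it. Paths, SIDs and
# names are invented; the fifth event is a plausible benign installer write that
# a naive "any Run key write" rule would alert on.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\victim\Desktop\sample.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "Image": r"C:\Users\victim\Desktop\sample.exe",
     "TargetFilename": r"C:\Users\victim\AppData\Local\Temp\upd.exe"},
    {"EventID": 1, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "ParentImage": r"C:\Users\victim\Desktop\sample.exe"},
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\upd.exe",
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\upd",
     "Details": r'"C:\Users\victim\AppData\Local\Temp\upd.exe"'},
    {"EventID": 13, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorUpdater",
     "Details": r'"C:\Program Files\Vendor\updater.exe" /silent'},
]

# Any of the Run-family keys under CurrentVersion (T1547.001).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once|Services|ServicesOnce)?\\",
                        re.IGNORECASE)
# Locations an unprivileged user (or a dropper running as one) can write to.
USER_WRITABLE_RE = re.compile(
    r"^[A-Za-z]:\\(Users\\[^\\]+\\|ProgramData\\|Windows\\Temp\\)", re.IGNORECASE)


def _image_from_value(details):
    """Extract the executable path from Run value data ("quoted path" or first token)."""
    m = re.match(r'^"([^"]+)"|^(\S+)', details.strip())
    return (m.group(1) or m.group(2)) if m else ""


def dropped_exe_executions(events):
    """Return (dropper, dropped) pairs: a ProcessCreate whose Image was earlier
    written by a FileCreate in the same event stream."""
    written_by = {}  # lower-cased path -> image of the process that wrote it
    hits = []
    for ev in events:
        if ev["EventID"] == 11:
            written_by[ev["TargetFilename"].lower()] = ev["Image"]
        elif ev["EventID"] == 1 and ev["Image"].lower() in written_by:
            hits.append({"dropper": written_by[ev["Image"].lower()],
                         "dropped": ev["Image"]})
    return hits


def run_key_writes(events):
    """Return every Run-key value set, marking as suspicious those whose data
    points into a user-writable location. Non-suspicious writes are still
    returned so an analyst can review them rather than silently drop them."""
    hits = []
    for ev in events:
        if ev["EventID"] != 13 or not RUN_KEY_RE.search(ev["TargetObject"]):
            continue
        target = _image_from_value(ev.get("Details", ""))
        hits.append({
            "image": ev["Image"],
            "key": ev["TargetObject"].rsplit("\\", 1)[0],
            "value_name": ev["TargetObject"].rsplit("\\", 1)[-1],
            "data": target,
            "suspicious": bool(USER_WRITABLE_RE.match(target)),
            "technique": "T1547.001",
        })
    return hits


def triage(events):
    """Summarise both behaviours the way a report's signature list would."""
    return {
        "executes_dropped_exe": dropped_exe_executions(events),
        "adds_run_key": [w for w in run_key_writes(events) if w["suspicious"]],
    }


if __name__ == "__main__":
    for name, findings in triage(SAMPLE_EVENTS).items():
        print(name)
        for f in findings:
            print("  ", f)
```

The user-writable-path heuristic is what keeps the installer's `HKLM\...\Run\VendorUpdater` write out of the alert list while still recording it; on a real host, join the ProcessCreate hit with the same process's Run-key write (as the sample's `upd.exe` does here) before raising severity, since either signal alone is noisy.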