General
-
Target
44aec6b8bd6cb8d46bf9eaea2edf2a09873901d5916a1a8edbe0a4bef019b6ad
-
Size
701KB
-
Sample
241110-dz6lka1qgm
-
MD5
14d5c15340d99ea307ba80d60dceaf90
-
SHA1
b06e6341b6269d028b3316397b03e08ee47fb38d
-
SHA256
44aec6b8bd6cb8d46bf9eaea2edf2a09873901d5916a1a8edbe0a4bef019b6ad
-
SHA512
2c9a4b6d36db6f3a906a9ca66c4207395c5f92f5ac18a75865e3fac97abd3e64ecf6c73c4f4b7a46455a5fc5ac3d393f897e973fa3c34aab1b022e26dcdbd803
-
SSDEEP
12288:8y90KdWScd4mYFOi8kbaouslkbf6eASyghktEG21o9wxc50h0eeuoGOQe:8ybdWdumYZXIbzkCGRwymTgx1
Static task
static1
Behavioral task
behavioral1
Sample
44aec6b8bd6cb8d46bf9eaea2edf2a09873901d5916a1a8edbe0a4bef019b6ad.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
Registry Run Keys / Startup Folder 1
Create or Modify System Process 1
Windows Service 1