General
- Target: ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2
- Size: 690KB
- Sample: 241110-dza5naydmm
- MD5: 95d6bd9db91e5a888f096857155e04e3
- SHA1: 5d0628e45f71f1c0f30c5274eb67b97eed94045a
- SHA256: ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2
- SHA512: ee594767991063e81e4e4f42d80ed7868a67ae1a13d8e433bfb10fc9df87bd8a42115c318caae6f2fc9269165d3f9fc2875d153e15312c0f07f0733bdc63b19b
- SSDEEP: 12288:fy90rBazQF1SOM2hbDgVuXsIc/JxDnHcW9IN6Lmo:fykUEF1rMsslxDnHR9INJo
- Static task: static1
- Behavioral task: behavioral1
- Sample: ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)