General
Target: 8e3c56df3b75be3526263c4f96e71bb95a0eb86a12d52ade19329afdea9a908f
Size: 618KB
Sample: 241110-eaqz9ayhla
MD5: 4ce0ece26f4b33e0d807eab1a20d42ac
SHA1: 08a9ad96f82e2f2699f0f467179587551752fdba
SHA256: 8e3c56df3b75be3526263c4f96e71bb95a0eb86a12d52ade19329afdea9a908f
SHA512: 0a990784a6c5ce9c19d70be3ce61e9a27da973d9f12530b21034b36a1035641ced33987ccac272800fa61c86d8a217321b03f81a256c0d2460937111e416aa2b
SSDEEP: 12288:Iy90F0ZQONMvXFbRAzo35RhdxdcGtWi9wruXRhzxOM79:IyNfYym3hvmG12rQr79
Static task: static1
Behavioral task: behavioral1
Sample: 8e3c56df3b75be3526263c4f96e71bb95a0eb86a12d52ade19329afdea9a908f.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 8e3c56df3b75be3526263c4f96e71bb95a0eb86a12d52ade19329afdea9a908f (hashes and size as listed under General above)
Detects Healer, an antivirus disabler dropper
Healer family
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
RedLine family
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (T1547): 1
Registry Run Keys / Startup Folder (T1547.001): 1
Create or Modify System Process (T1543): 1
Windows Service (T1543.003): 1
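The two persistence techniques and the "Executes dropped EXE" signature above are the kind of thing an analyst re-checks against their own telemetry rather than taking from the sandbox verdict alone. The following is an added example, not code from the sandbox or from this report: it walks Sysmon-style event records (field names EventID, Image, TargetFilename, TargetObject, Details are assumed to follow Sysmon's; the event stream itself is constructed for illustration, with a made-up dropped-file name and service name) and emits one finding per Run-key autostart value, per service ImagePath write, and per launch of an EXE that was created earlier in the stream. The registry-path patterns are assumptions about where those artifacts land, derived from the ATT&CK techniques the report names.

```python
"""Added example (not from the report): re-derive the persistence findings a
sandbox report lists from Sysmon-style event records.
Event records here are constructed for illustration; the key-path regexes
are assumptions based on the ATT&CK techniques the report names."""
import re
from dataclasses import dataclass
from typing import Optional

# Autostart values under the per-user or machine Run / RunOnce keys (T1547.001).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$", re.I)
# ImagePath of a service definition written under the SCM key (T1543.003).
SERVICE_KEY_RE = re.compile(
    r"\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$", re.I)


@dataclass
class Finding:
    technique: Optional[str]  # ATT&CK sub-technique ID; None where the report maps the signature to no technique
    name: str                 # signature / technique name as the report phrases it
    evidence: str


def triage(events):
    """Walk events in order and emit one Finding per persistence artifact.

    Assumed Sysmon field names: EventID 11 (FileCreate, TargetFilename),
    1 (ProcessCreate, Image) and 13 (RegistryEvent value set, TargetObject /
    Details)."""
    findings = []
    dropped = set()  # lower-cased paths of EXEs created earlier in the stream
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:
            path = ev["TargetFilename"].lower()
            if path.endswith(".exe"):
                dropped.add(path)
        elif eid == 1:
            # Only a process whose image was created earlier in the stream counts as
            # a dropped EXE; the initial launch of the sample itself does not.
            if ev["Image"].lower() in dropped:
                findings.append(Finding(None, "Executes dropped EXE", ev["Image"]))
        elif eid == 13:
            target = ev["TargetObject"]
            if RUN_KEY_RE.search(target):
                findings.append(Finding("T1547.001", "Registry Run Keys / Startup Folder",
                                        f"{target} = {ev['Details']}"))
            elif SERVICE_KEY_RE.search(target):
                findings.append(Finding("T1543.003", "Windows Service",
                                        f"{target} = {ev['Details']}"))
    return findings


# Constructed event stream (not from the report): the sample starts, drops a
# second EXE into %TEMP%, registers it under the user's Run key, launches it,
# and the dropped EXE installs itself as a service. A benign registry write is
# included to show it is ignored.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\user\Desktop\sample.exe"},
    {"EventID": 11, "TargetFilename": r"C:\Users\user\AppData\Local\Temp\dropped.exe"},
    {"EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1-1-1-1001\Software\Microsoft\Windows\CurrentVersion\Run\dropped",
     "Details": r"C:\Users\user\AppData\Local\Temp\dropped.exe"},
    {"EventID": 1, "Image": r"C:\Users\user\AppData\Local\Temp\dropped.exe"},
    {"EventID": 13,
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\UpdSvc\ImagePath",
     "Details": r"C:\Users\user\AppData\Local\Temp\dropped.exe"},
    {"EventID": 13,
     "TargetObject": r"HKU\S-1-5-21-1-1-1-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]

if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"{f.technique or '-':<10} {f.name:<38} {f.evidence}")
```

Ordering matters: the dropped-EXE check deliberately keys on a FileCreate seen before the ProcessCreate, so a process that merely runs from a user-writable directory (the sample's own first launch) is not counted, while a file that is created and then executed is. Real Sysmon output carries the same fields inside the EventData element of each record; the same logic applies once those are parsed out.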