General
-
Target
d42b76450efdd25653038373de590e8e28f39eb9e5fecceed8d7a52e52be4bc6
-
Size
479KB
-
Sample
241110-eb17lsyla1
-
MD5
51549a0087bc6149b68ed138d160d4aa
-
SHA1
5d8ca66fe2eda668389cc8938ed6bb5a29c6873c
-
SHA256
d42b76450efdd25653038373de590e8e28f39eb9e5fecceed8d7a52e52be4bc6
-
SHA512
458f37542d03e2b6ae2c682537e727356fc20dfc4a95ad1875252eaab77ae0c97b937461eb570edd1bcf17cd517a47b86efa7bcb3f69b8182995fd49092cafdd
-
SSDEEP
12288:TMryy90zZqMB+QMzhAURC0qsMmLqYgiN42jD7KG:VyenMzhN40qVmLq/idKG
Static task
static1
Behavioral task
behavioral1
Sample
d42b76450efdd25653038373de590e8e28f39eb9e5fecceed8d7a52e52be4bc6.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
d42b76450efdd25653038373de590e8e28f39eb9e5fecceed8d7a52e52be4bc6
-
Size
479KB
-
MD5
51549a0087bc6149b68ed138d160d4aa
-
SHA1
5d8ca66fe2eda668389cc8938ed6bb5a29c6873c
-
SHA256
d42b76450efdd25653038373de590e8e28f39eb9e5fecceed8d7a52e52be4bc6
-
SHA512
458f37542d03e2b6ae2c682537e727356fc20dfc4a95ad1875252eaab77ae0c97b937461eb570edd1bcf17cd517a47b86efa7bcb3f69b8182995fd49092cafdd
-
SSDEEP
12288:TMryy90zZqMB+QMzhAURC0qsMmLqYgiN42jD7KG:VyenMzhN40qVmLq/idKG
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1