General
Target: 565b9c2c08095d37a3ad6a40fb9c92d1458772e22f385e1f7ca591d6ebd3f5d6
Size: 690KB
Sample: 241110-ej5vrsyhjr
MD5: d6570f566f7e2a0ed2315f3afaa6035f
SHA1: 5fcae63182b70a716aaa3e9f6779961b56462b82
SHA256: 565b9c2c08095d37a3ad6a40fb9c92d1458772e22f385e1f7ca591d6ebd3f5d6
SHA512: 2881285c67c107755538bcca23c3462c4077465ec1fc1e2c3126535c62b7132736b249b97e584aa76ceabd50c89dd43d21716d294c6e3a2bf000fc947c220478
SSDEEP: 12288:Jy90v8dmDHm1sjefXgigcP9JkOaXWXA2b922TBSflmCiiTf6bem+gWFJm:JyofDHksGXRP9JiuPbw2sNiu6beWR
Static task: static1
Behavioral task: behavioral1
Sample: 565b9c2c08095d37a3ad6a40fb9c92d1458772e22f385e1f7ca591d6ebd3f5d6.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 565b9c2c08095d37a3ad6a40fb9c92d1458772e22f385e1f7ca591d6ebd3f5d6 (690KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Signatures
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547), 1 signature: Registry Run Keys / Startup Folder (T1547.001), 1 signature
- Create or Modify System Process (T1543), 1 signature: Windows Service (T1543.003), 1 signature
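The report gives two things a responder can act on: the sample's file hashes (General section) and the persistence behaviours it flags (Run key autostart, T1547.001, and execution of a dropped EXE). The block below is an added example, not tria.ge's or the sandbox's own code, and turns both into hunting logic: it matches arbitrary file bytes against the report's four digests, and it runs simple detections over Sysmon-style events (EventID 1 process create, EventID 13 registry value set). All events, paths and registry value names in it are constructed placeholders for illustration, not artefacts observed in this run; only the IOC_HASHES values are copied from the report.

```python
"""Hunting helpers derived from this report.  Added example, not sandbox code.
The Sysmon-style events below are constructed; paths and value names are
placeholders, not behaviour observed in the analysed run."""
import hashlib
import re

# Hashes copied from the report above (sample 241110-ej5vrsyhjr).
IOC_HASHES = {
    "md5": "d6570f566f7e2a0ed2315f3afaa6035f",
    "sha1": "5fcae63182b70a716aaa3e9f6779961b56462b82",
    "sha256": "565b9c2c08095d37a3ad6a40fb9c92d1458772e22f385e1f7ca591d6ebd3f5d6",
    "sha512": "2881285c67c107755538bcca23c3462c4077465ec1fc1e2c3126535c62b7132736b249b97e584aa76ceabd50c89dd43d21716d294c6e3a2bf000fc947c220478",
}

# Autostart keys behind "Adds Run key to start application" (ATT&CK T1547.001).
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.I)
# Directories a standard user can write to; legitimate autostarts rarely live here.
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|Users\\Public|ProgramData)\\", re.I)

# Constructed Sysmon-style events (EventID 1 = process create, 13 = registry set).
SAMPLE_EVENTS = [
    {"EventID": 1,                                   # the sample itself starts
     "Image": r"C:\Users\user\Downloads\sample.exe", # placeholder file name
     "ParentImage": r"C:\Windows\explorer.exe",
     "Hashes": "SHA256=" + IOC_HASHES["sha256"]},
    {"EventID": 1,                                   # "Executes dropped EXE"
     "Image": r"C:\Users\user\AppData\Local\Temp\dropped.exe",
     "ParentImage": r"C:\Users\user\Downloads\sample.exe",
     "Hashes": "SHA256=" + "0" * 64},                # placeholder digest
    {"EventID": 13, "EventType": "SetValue",         # "Adds Run key"
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\user\AppData\Roaming\Updater.exe",
     "Image": r"C:\Users\user\AppData\Local\Temp\dropped.exe"},
    {"EventID": 13, "EventType": "SetValue",         # benign control entry
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"C:\Program Files\Windows Defender\MSASCuiL.exe",
     "Image": r"C:\Windows\System32\msiexec.exe"},
]


def hash_file_bytes(data: bytes) -> dict:
    """Digest the bytes with the same four algorithms the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in IOC_HASHES}


def matches_ioc(data: bytes, iocs=IOC_HASHES) -> list:
    """Algorithms under which `data` matches the indicator set (empty = no match)."""
    digests = hash_file_bytes(data)
    return [alg for alg in iocs if digests[alg] == iocs[alg]]


def parse_sysmon_hashes(field: str) -> dict:
    """Sysmon 'SHA256=...,MD5=...' field -> {'sha256': '...', 'md5': '...'}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            alg, val = part.split("=", 1)
            out[alg.strip().lower()] = val.strip().lower()
    return out


def flag_known_sample(events, iocs=IOC_HASHES) -> list:
    """Images of process-create events whose hash matches any report digest."""
    return [ev["Image"] for ev in events
            if ev.get("EventID") == 1
            and any(parse_sysmon_hashes(ev.get("Hashes", "")).get(a) == h
                    for a, h in iocs.items())]


def flag_dropped_exe_execution(events) -> list:
    """(image, parent) pairs for processes started from a user-writable directory."""
    return [(ev["Image"], ev.get("ParentImage", "")) for ev in events
            if ev.get("EventID") == 1 and USER_WRITABLE_RE.search(ev["Image"])]


def flag_run_key_persistence(events) -> list:
    """Run/RunOnce writes that point at, or come from, a user-writable path."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 13 or not RUN_KEY_RE.search(ev.get("TargetObject", "")):
            continue
        reasons = []
        if USER_WRITABLE_RE.search(ev.get("Details", "")):
            reasons.append("autostart target in user-writable path")
        if USER_WRITABLE_RE.search(ev.get("Image", "")):
            reasons.append("written by a process running from a user-writable path")
        if reasons:
            findings.append((ev["TargetObject"], ev.get("Details", ""), reasons))
    return findings


if __name__ == "__main__":
    print("known sample:", flag_known_sample(SAMPLE_EVENTS))
    print("dropped EXE:", flag_dropped_exe_execution(SAMPLE_EVENTS))
    for target, details, why in flag_run_key_persistence(SAMPLE_EVENTS):
        print("run key:", target, "->", details, why)
```

The benign SecurityHealth entry is kept in the event list deliberately: a rule that alerts on every Run-key write is noise, so the check keys on where the autostart binary lives and which process wrote the value, which is what separates the dropper's entry from a normal installer's.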