General
Target: 90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42
Size: 618KB
Sample: 241110-ejjbrsyhjk
MD5: 04873ce78b9525ad569ce8c7a32d0363
SHA1: c9dd43c067e16f20dbed2c0da78e2c96cb260c30
SHA256: 90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42
SHA512: 9776e20662ffba4a1259cd2f87547a73107c5375887c5e3a203af823c724b3dc2a967b7e678b003d5bdd0b088ce56a137472d2a318ec163d177b7dbdd27309b7
SSDEEP: 12288:hy90t2b8FoVVfBgckLoAsfCvTZlbxeThsV1TdePAwbwVOe3:hypb8GVhBgcLAGCvpghsV1TdeofVF3
Static task: static1
Behavioral task: behavioral1
Sample: 90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42
Size: 618KB
MD5: 04873ce78b9525ad569ce8c7a32d0363
SHA1: c9dd43c067e16f20dbed2c0da78e2c96cb260c30
SHA256: 90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42
SHA512: 9776e20662ffba4a1259cd2f87547a73107c5375887c5e3a203af823c724b3dc2a967b7e678b003d5bdd0b088ce56a137472d2a318ec163d177b7dbdd27309b7
SSDEEP: 12288:hy90t2b8FoVVfBgckLoAsfCvTZlbxeThsV1TdePAwbwVOe3:hypb8GVhBgcLAGCvpghsV1TdeofVF3
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
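The hashes above are the only indicators in this report that identify the sample itself, and the sandbox reports the size only as a rounded "618KB". The following script is an added example, not part of the sandbox's tooling or of this report: it hashes a file handed to it on the command line and compares the result with the digests copied from the report, treating SHA-256 and SHA-512 as the authoritative match and MD5 or SHA-1 agreement on its own as a weak signal, since both of those functions have practical collision attacks. The file path, the 2 KiB size tolerance and the zero-length input used for the self-check are assumptions made for the example; SSDEEP is not recomputed because that needs a third-party library.

```python
"""Compare a file on disk with the digests listed in the sandbox report.

Added example for this report; the REPORT values are copied from the
report text above. The empty-input digests used in self_check() are the
standard constants for hashing zero bytes, not values from the report.
"""
import hashlib
import sys

# Indicators copied from the report (hex digests, lowercase).
REPORT = {
    "size": 618 * 1024,  # the report says "618KB"; treated as approximate
    "md5": "04873ce78b9525ad569ce8c7a32d0363",
    "sha1": "c9dd43c067e16f20dbed2c0da78e2c96cb260c30",
    "sha256": "90e57c5d47263e4f4a145fe67973df3011cb1e61645aacce6e490a3ea461cf42",
    "sha512": (
        "9776e20662ffba4a1259cd2f87547a73107c5375887c5e3a203af823c724b3dc"
        "2a967b7e678b003d5bdd0b088ce56a137472d2a318ec163d177b7dbdd27309b7"
    ),
}

HASH_NAMES = ("md5", "sha1", "sha256", "sha512")
SIZE_TOLERANCE = 2 * 1024  # assumption: sandbox sizes are rounded to whole KB


def digests(data: bytes) -> dict:
    """Return the length of data and its MD5/SHA-1/SHA-256/SHA-512 hex digests."""
    out = {"size": len(data)}
    for name in HASH_NAMES:
        out[name] = hashlib.new(name, data).hexdigest()
    return out


def compare(data: bytes, report: dict = REPORT) -> dict:
    """Per-indicator comparison of data against the report: {name: bool}."""
    actual = digests(data)
    result = {name: actual[name] == report[name].lower() for name in HASH_NAMES}
    result["size"] = abs(actual["size"] - report["size"]) <= SIZE_TOLERANCE
    return result


def verdict(data: bytes, report: dict = REPORT) -> str:
    """Collapse the comparison into a triage verdict.

    'match'           : SHA-256 and SHA-512 both agree (same bytes as the sample)
    'weak-match-only' : only MD5 and/or SHA-1 agree; collisions are practical
                        for both, so this must not be trusted on its own
    'no-match'        : none of the digests agree
    """
    r = compare(data, report)
    if r["sha256"] and r["sha512"]:
        return "match"
    if r["md5"] or r["sha1"]:
        return "weak-match-only"
    return "no-match"


def self_check() -> bool:
    """Sanity-check the hashing path against the known zero-length digests."""
    empty = digests(b"")
    return (
        empty["md5"] == "d41d8cd98f00b204e9800998ecf8427e"
        and empty["sha1"] == "da39a3ee5e6b4b0d3255bfef95601890afd80709"
        and empty["sha256"]
        == "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
    )


def main(argv: list) -> int:
    if len(argv) != 2:
        print(f"usage: {argv[0]} <file>", file=sys.stderr)
        return 2
    if not self_check():
        print("hashlib self-check failed", file=sys.stderr)
        return 2
    with open(argv[1], "rb") as fh:
        data = fh.read()
    for name, ok in compare(data).items():
        print(f"{name:7s} {'match' if ok else 'differs'}")
    print("verdict:", verdict(data))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python check_sample.py suspect.exe` on a quarantined copy; a `weak-match-only` verdict means a file was engineered, or happened, to share only the legacy digests with the report and should be treated as a different file until its SHA-256 is confirmed.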
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1