General
- Target: 7de15d5c26eecca5de035d9a34f91ce6b2fb0a1d698c62c0628fc5c2ed2221e9
- Size: 612KB
- Sample: 241110-ekw91symfy
- MD5: 660b82c42fd7944d509e773d70ae08dd
- SHA1: ede0fb6b28735bb5e28f1da403a5839183ba2048
- SHA256: 7de15d5c26eecca5de035d9a34f91ce6b2fb0a1d698c62c0628fc5c2ed2221e9
- SHA512: af71fe2955320821abf20f7324059c3ffa997a8ab61fe7ee14613d22f26e9cd45f247e015f3d21945f94526655b9d08826954d8f3cfb4c5397c806715bbc44a2
- SSDEEP: 12288:yy90PMsf2hPEzrt5elZ+8NPORF9K9HRgHfE:yyLdPEzx2dNPoF9K9HRGc
Static task: static1
Behavioral task: behavioral1
Sample: 7de15d5c26eecca5de035d9a34f91ce6b2fb0a1d698c62c0628fc5c2ed2221e9.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)