Extracted

• • Target

    6a1a1dbf5bafae9c23a3cc7cc5e932d9ca96622d15a4c15a16868806f92d5a5b

  • Size

    677KB

  • MD5

    b2f161498b78551787b77419d0a8674b

  • SHA1

    b94067458ece35d971737f6902ecfc5e61b4dc64

  • SHA256

    6a1a1dbf5bafae9c23a3cc7cc5e932d9ca96622d15a4c15a16868806f92d5a5b

  • SHA512

    0480bee27fcb86f852ada57dee351b890c42b3c19f4395aced7e27bd9fbfd0e5570ef7c35dafda5d7b742625b1ca54074c4d685ee62308800e1c37c6e1ecb88e

  • SSDEEP

    12288:jMrxy90cgZfVQdCL411VOd1L4KknXdAQ0BJrLgWRvOSH7fX2AR1EZ7b:WylgZfVQd080pkStTH9vDHb7R1EZ7b

  Score

  10^/10

  healerredlinerostodiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1