General

  • Target

    e2845e26341a96672d8f47f3cbdd4bf9b0e2267d11b58af9d5f8e17028127976

  • Size

    746KB

  • Sample

    241111-bpcjmaylhx

  • MD5

    1fee0f7b533ee66bd71dd39e41ebbb8e

  • SHA1

    17f13bf225bf3d4fdfb1958c7ef904bd5885f222

  • SHA256

    e2845e26341a96672d8f47f3cbdd4bf9b0e2267d11b58af9d5f8e17028127976

  • SHA512

    d8d838c06b1afb71ecf0fbf83298a2f168e0c712294f21893786c67725d3035cff77be98552402c264bdd28e3005b14decef20dc5300cdb1ed66b1b3c7f86a83

  • SSDEEP

    12288:6y90kxDahz4bgBvOci1Jex6PCd5A9R2392gBtFlseS8iA3WJp58amgL:6yTDadCgVO1wEPCd4IgAFlVIA3aRL

Malware Config

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • RedLine family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
