General

  • Target

    0b908f93ae38838f6b1552fdf962e380d62141f206178e8d085e2a0db1537768

  • Size

    922KB

  • Sample

    241111-bs36raymev

  • MD5

    a131a6ae2e72503dc6158f91be6a6a17

  • SHA1

    88cdef949a4399f6f4dbf6826eae03b45469a292

  • SHA256

    0b908f93ae38838f6b1552fdf962e380d62141f206178e8d085e2a0db1537768

  • SHA512

    69efb9990ab12d4c374da5b7c6e0959ba060c62b49dc8c2654eef2d46a1f14caeb5aef35af2bc96560eb40abd4765ef0d3599917b424145bb10f664f888c44d0

  • SSDEEP

    24576:BytwN37cmJYq9Lw5Unozw2CIxM7r3O7Hz:0tOTQUU8I07O7H

Malware Config

Targets

    • Target

      0b908f93ae38838f6b1552fdf962e380d62141f206178e8d085e2a0db1537768

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • RedLine family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
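
The two registry behaviours in the signature list, Windows Defender Real-time Protection being modified and a Run key being added for persistence, are what a detection engineer would look for in endpoint telemetry for this sample. The block below is an added example, not part of this report and not the sandbox's own signature logic: it classifies Sysmon-style registry value-set events (event ID 13) and flags both behaviours, rating a Run entry higher when it points into a user-writable path. The event records, image paths, SID and file names are constructed for illustration; the list of Real-Time Protection value names and the allowed-writer list are assumptions to tune for your environment.

```python
import re

# Added example, not from the report. Defender Real-Time Protection values whose
# non-zero setting turns off a component of real-time scanning. Assumed list;
# extend it from your own policy baseline.
RTP_DISABLE_VALUES = {
    "disablerealtimemonitoring",
    "disablebehaviormonitoring",
    "disableonaccessprotection",
    "disablescanonrealtimeenable",
    "disableioavprotection",
}

# Both the policy path (...\Policies\...) and the preference path are covered.
RTP_KEY_RE = re.compile(
    r"^HKLM\\SOFTWARE\\(?:Policies\\)?Microsoft\\Windows Defender"
    r"\\Real-Time Protection\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)

# Per-machine and per-user Run/RunOnce keys as Sysmon renders them (HKLM, HKU\<SID>).
RUN_KEY_RE = re.compile(
    r"^(?:HKLM|HKU\\[^\\]+)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\(?:Run|RunOnce)\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)

DWORD_RE = re.compile(r"DWORD\s*\((0x[0-9a-f]+)\)", re.IGNORECASE)

# Locations an unprivileged user can write to; a Run entry pointing here is the
# footprint a dropper leaves. Assumed list for the example.
USER_WRITABLE_RE = re.compile(
    r"\\(?:AppData|Temp|ProgramData|Users\\Public)\\", re.IGNORECASE
)

# Writers allowed to touch Defender settings without a finding. Assumption for
# this example: only Defender's own service binary. Keep this list short.
RTP_ALLOWED_IMAGES = {
    r"c:\program files\windows defender\msmpeng.exe",
}


def dword(details):
    """Parse Sysmon's 'DWORD (0x00000001)' rendering; None if not a DWORD."""
    m = DWORD_RE.search(details or "")
    return int(m.group(1), 16) if m else None


def classify(event):
    """Return a list of findings for one Sysmon event ID 13 (SetValue) record."""
    findings = []
    if event.get("EventID") != 13 or event.get("EventType") != "SetValue":
        return findings
    target = event.get("TargetObject", "")
    image = event.get("Image", "")
    details = event.get("Details", "")

    # Defender real-time protection turned off by something other than Defender.
    m = RTP_KEY_RE.match(target)
    if m and m.group("value").lower() in RTP_DISABLE_VALUES:
        value = dword(details)
        if value not in (None, 0) and image.lower() not in RTP_ALLOWED_IMAGES:
            findings.append({"rule": "defender_rtp_disabled", "severity": "high",
                             "image": image, "target": target, "data": details})

    # Any Run/RunOnce entry is reported; user-writable targets rate higher.
    if RUN_KEY_RE.match(target):
        sev = "high" if USER_WRITABLE_RE.search(details) else "low"
        findings.append({"rule": "run_key_persistence", "severity": sev,
                         "image": image, "target": target, "data": details})
    return findings


def scan(events):
    """Run classify() over an iterable of events and flatten the findings."""
    out = []
    for e in events:
        out.extend(classify(e))
    return out


# Constructed sample events shaped like Sysmon event ID 13 records. Paths, the
# SID and file names are made up; nothing here is taken from the sandbox run.
SID = r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
SAMPLE_EVENTS = [
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Users\user\AppData\Local\Temp\1a2b3c.exe",
     "TargetObject": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
     "Details": "DWORD (0x00000001)"},
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Users\user\AppData\Local\Temp\1a2b3c.exe",
     "TargetObject": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring",
     "Details": "DWORD (0x00000001)"},
    # Defender's own service writing the preference back to 0: not a finding.
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
     "Details": "DWORD (0x00000000)"},
    # Dropped binary registering itself under the user's Run key.
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Users\user\AppData\Roaming\svchost.exe",
     "TargetObject": SID + r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\user\AppData\Roaming\svchost.exe"},
    # Installer registering a Program Files binary: reported, but low severity.
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r"C:\Program Files\Vendor\tray.exe"},
    # Unrelated per-user Explorer setting: not a finding.
    {"EventID": 13, "EventType": "SetValue",
     "Image": r"C:\Windows\explorer.exe",
     "TargetObject": SID + r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "Details": "DWORD (0x00000001)"},
]

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        print(f"[{f['severity']}] {f['rule']}: {f['image']} -> {f['target']} = {f['data']}")
```

Running the block against the constructed events yields four findings: two Real-time Protection values switched off by the Temp-resident binary, the Run entry pointing into AppData rated high, and the installer's Run entry rated low. Feeding it real Sysmon output means mapping the XML or JSON fields to the same keys; the allowed-writer set is the part most likely to need tuning, since Group Policy processing also writes the policy path.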

MITRE ATT&CK Enterprise v15

Tasks
