General
Target: 9527be4d5a558190ea4aeb8ab94397f1e2e80729eec028e80ddd3d8cad46bc4b
Size: 827KB
Sample: 241111-c5rh6a1ejh
MD5: c24b9215589f2a237c6708146d04a31d
SHA1: 8760b44c21e912dc51f0b02760ba9df8cee477fa
SHA256: 9527be4d5a558190ea4aeb8ab94397f1e2e80729eec028e80ddd3d8cad46bc4b
SHA512: 40f29c64ca4f2255db2985101f1070ce024cc11eb85376e90e90f5de923aa9cfcb8bec912c32b7b1bb61b5ae09b3c6d24c8f3f7ebec63641227ad1b1bdfcc70a
SSDEEP: 12288:Wy90cgSp2KeyOVYTtExL4o6V9zrFiFyOen7N+NI3G+XhnpihIZ5pO:Wyw+2K/yYeJ4DoFyJn82XhCIvpO
Static task: static1
Behavioral task: behavioral1
Sample: 9527be4d5a558190ea4aeb8ab94397f1e2e80729eec028e80ddd3d8cad46bc4b.exe
Resource: win10v2004-20241007-en
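Before working from any sandbox report, confirm that the file on your disk is the one that was analysed. The following script is an added example, not part of the report or of the sandbox's own tooling: it recomputes the digests listed above and reports which ones disagree. hashlib covers MD5, SHA-1, SHA-256 and SHA-512; the SSDEEP fuzzy hash needs the separate `ssdeep` package and is not recomputed here. The file path is whatever you pass in; no sample is bundled.

```python
"""Recompute the digests this report lists to confirm that a local copy is the
analysed sample (an empty mismatch list) or has been altered/truncated.
Added example; the expected values are copied from the report's General section."""
import hashlib
from typing import Dict, Iterable, List

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "c24b9215589f2a237c6708146d04a31d",
    "sha1": "8760b44c21e912dc51f0b02760ba9df8cee477fa",
    "sha256": "9527be4d5a558190ea4aeb8ab94397f1e2e80729eec028e80ddd3d8cad46bc4b",
    "sha512": "40f29c64ca4f2255db2985101f1070ce024cc11eb85376e90e90f5de923aa9cfcb8bec912c32b7b1bb61b5ae09b3c6d24c8f3f7ebec63641227ad1b1bdfcc70a",
}


def digests(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Hash a byte stream once, feeding all four algorithms from the same read."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def _compare(actual: Dict[str, str], expected: Dict[str, str]) -> List[str]:
    """Names of algorithms in `expected` whose value differs from `actual`, in order."""
    return [name for name, value in expected.items()
            if actual[name] != value.strip().lower()]


def mismatches(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> List[str]:
    """In-memory check; an empty list means every listed digest matched."""
    return _compare(digests([data]), expected)


def verify_file(path: str, expected: Dict[str, str] = REPORT_HASHES) -> List[str]:
    """Streamed check for a file on disk (hypothetical path supplied by the caller)."""
    with open(path, "rb") as fh:
        actual = digests(iter(lambda: fh.read(1 << 20), b""))
    return _compare(actual, expected)


if __name__ == "__main__":
    import sys
    bad = verify_file(sys.argv[1])
    print("match: analysed sample" if not bad else f"MISMATCH on {', '.join(bad)}")
```

Treat the SHA-256 (or SHA-512) result as authoritative; MD5 and SHA-1 are listed for cross-referencing with older feeds, not as proof of identity.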
Malware Config
Targets
Target: 9527be4d5a558190ea4aeb8ab94397f1e2e80729eec028e80ddd3d8cad46bc4b (827KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
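The two persistence techniques in the table above (and the "Adds Run key to start application" signature) are the behaviours worth hunting for on endpoints that may have run this sample. The script below is an added example, not part of the report or of the sandbox's own detection logic. It classifies registry value writes shaped like Sysmon Event ID 13 (RegistryEvent, value set) fields into T1547.001 (Run/RunOnce keys) and T1543.003 (a service's ImagePath), and raises the severity when the configured binary lives in a user-writable location, which is where a dropper's second stage usually lands. The event records, process names, service name and paths are constructed for the example; they are not observations from the sandbox run.

```python
"""Flag registry writes that match the persistence techniques listed in this
report: Run-key autostart (T1547.001) and Windows service creation or
modification (T1543.003). Input records are constructed here in the shape of
Sysmon Event ID 13 fields (Image, TargetObject, Details); they are not events
captured from the analysed sample."""
import re
from dataclasses import dataclass
from typing import List, Optional

RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)(?:Ex)?\\", re.IGNORECASE)
SERVICE_IMAGE_RE = re.compile(
    r"^HKLM\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$",
    re.IGNORECASE)
# Locations a dropped second stage usually lands in. An autostart or service
# pointing here deserves a closer look than one pointing into System32 or
# Program Files.
USER_WRITABLE_RE = re.compile(
    r"\\Users\\[^\\]+\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\|"
    r"%(?:APPDATA|LOCALAPPDATA|TEMP|TMP|PROGRAMDATA)%",
    re.IGNORECASE)


@dataclass
class RegistryWrite:
    image: str          # process that performed the write
    target_object: str  # full path of the registry value written
    details: str        # data written to the value


@dataclass
class Finding:
    technique: str
    severity: str
    target_object: str
    details: str
    image: str


def classify(write: RegistryWrite) -> Optional[Finding]:
    """Return a Finding for persistence-relevant writes, None for everything else."""
    if RUN_KEY_RE.search(write.target_object):
        technique = "T1547.001"
    elif SERVICE_IMAGE_RE.match(write.target_object):
        technique = "T1543.003"
    else:
        return None
    severity = "high" if USER_WRITABLE_RE.search(write.details) else "medium"
    return Finding(technique, severity, write.target_object, write.details, write.image)


def scan(writes: List[RegistryWrite]) -> List[Finding]:
    """Classify every write and keep only the ones that map to a technique."""
    return [f for f in (classify(w) for w in writes) if f is not None]


# Constructed sample writes (hypothetical SID, paths and service name).
SAMPLE_WRITES = [
    RegistryWrite(
        image=r"C:\Users\victim\AppData\Local\Temp\dropper.exe",
        target_object=r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
        details=r"C:\Users\victim\AppData\Local\Temp\updater.exe"),
    RegistryWrite(
        image=r"C:\Windows\System32\services.exe",
        target_object=r"HKLM\SYSTEM\CurrentControlSet\Services\ExampleSvc\ImagePath",
        details=r"C:\ProgramData\ExampleSvc\helper.exe"),
    RegistryWrite(
        image=r"C:\Windows\System32\msiexec.exe",
        target_object=r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
        details=r"C:\Windows\System32\SecurityHealthSystray.exe"),
    RegistryWrite(
        image=r"C:\Program Files\Example\app.exe",
        target_object=r"HKCU\Software\Example\Settings\Theme",
        details="dark"),
]

if __name__ == "__main__":
    for f in scan(SAMPLE_WRITES):
        print(f"{f.technique} [{f.severity}] {f.target_object} -> {f.details} (by {f.image})")
```

Service-side writes usually show `services.exe` as the writing process because the SCM performs them on the caller's behalf, so correlate the ImagePath finding with the process that called `CreateService` (Sysmon Event ID 1 for `sc.exe`, or the dropper's own process) rather than treating the image alone as the culprit.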