Extracted

• • Target

    21e0902c31b6b321e9a045be36227c14996f7cc9f4740dd4a8d8d804c699433e

  • Size

    1000KB

  • MD5

    24dc30daa9b9943c6baa1f249cdf1800

  • SHA1

    1544731fa28967736dbd2ba0016998fbcff566de

  • SHA256

    21e0902c31b6b321e9a045be36227c14996f7cc9f4740dd4a8d8d804c699433e

  • SHA512

    641b3160c791faef53f0040da178e3517aea3224e2a494ca4d267c5d2d86703897520b8003af13b562420ca2e5339609296cb9e1d6e9bb51183dfb9dc4f1f1f1

  • SSDEEP

    24576:Ty2hvlnvHySqydpe7x8lt0Zht3LFYC5ZKSzqQzYfi:m2hvlnKJydpe7GOdLF7Zty

  Score

  10^/10

  healerredlinedubkadiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1