Overview

overview

10

Static

static

3

54e9b3e626...89.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    54e9b3e626f7a83c4308808ef15cd25391a670d2a12b5692608265ef9a054289

  • Size

    562KB

  • Sample

    241111-cs4b7azgpk

  • MD5

    2f773597648f3715a8cd95b9d4cdfb5d

  • SHA1

    86926efb37e3ef642d0898be4e74e4c0b35156f6

  • SHA256

    54e9b3e626f7a83c4308808ef15cd25391a670d2a12b5692608265ef9a054289

  • SHA512

    7eca7190b5276caf9d7c97314b3be3aface3e01f55b89ce46fe6db5908d22a1f34c632370c17828a832509273272d52f6df03744d06614bbc47b93684002554a

  • SSDEEP

    12288:vy90mqKMaa7wGL2l++ziJkq9bJoHYI+7Omx9YgX:vy7NWww0++zi26iHR1mx9Ym

Score
10/10
healerredlinediscoverydropperevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      54e9b3e626f7a83c4308808ef15cd25391a670d2a12b5692608265ef9a054289

    • Size

      562KB

    • MD5

      2f773597648f3715a8cd95b9d4cdfb5d

    • SHA1

      86926efb37e3ef642d0898be4e74e4c0b35156f6

    • SHA256

      54e9b3e626f7a83c4308808ef15cd25391a670d2a12b5692608265ef9a054289

    • SHA512

      7eca7190b5276caf9d7c97314b3be3aface3e01f55b89ce46fe6db5908d22a1f34c632370c17828a832509273272d52f6df03744d06614bbc47b93684002554a

    • SSDEEP

      12288:vy90mqKMaa7wGL2l++ziJkq9bJoHYI+7Omx9YgX:vy7NWww0++zi26iHR1mx9Ym

    Score
    10/10
    healerredlinediscoverydropperevasioninfostealerpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Healer family

      healer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks