Extracted

• • Target

    fb05507c52c2e8f629b69a34d84727ea4642260cec6c837d5c5e06d66768868a

  • Size

    765KB

  • MD5

    b2df5dec575c31441f14b4764b9158da

  • SHA1

    d8ac94de573c64a6190f0519a629ae67b60f11bb

  • SHA256

    fb05507c52c2e8f629b69a34d84727ea4642260cec6c837d5c5e06d66768868a

  • SHA512

    36dba110cf53ed6ca6f496c8ce9dcaf366291997cc34dc62bdac6f0628e6f2aacc02871ecf1be05276dccd5bd21c49e8987c2a8eb4e219ae3f590fa41b3eeec9

  • SSDEEP

    12288:+MrVy90ZgLLpmVfgeTwe6oTYHU2hl0NJvLS9slp1Ws/rrRWyfF7EpeyMsi/4:zy+gLLgVfNj6oTOU2hsJvLjlpLzX03Mu

  Score

  10^/10

  healerredlinedubnadiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1