General
-
Target
fced7c97085c701b3ddfe7080002ee47738f9d2d10dca0004c2adf961e051656
-
Size
559KB
-
Sample
241111-gf456sxndr
-
MD5
05fb422151d2a3d19c0eecb337febee0
-
SHA1
85aa7120b55f8386028f1bb845433676d0a07556
-
SHA256
fced7c97085c701b3ddfe7080002ee47738f9d2d10dca0004c2adf961e051656
-
SHA512
a42b4aba04b4cff61cb2561a4ba4fac7d8a37d07c31108b6b8a3656cbb6ba8217a2ba5dc7bddb6a3152e31555ef9d0d499db1aac95f5da48862ad5d593c6af19
-
SSDEEP
12288:sy902wGr7W1USP9tOF26u2/Ec6/+9zNDlzkPn1NRV:syBrqUS1Mju28wNDgv3
Static task
static1
Behavioral task
behavioral1
Sample
fced7c97085c701b3ddfe7080002ee47738f9d2d10dca0004c2adf961e051656.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
fced7c97085c701b3ddfe7080002ee47738f9d2d10dca0004c2adf961e051656
-
Size
559KB
-
MD5
05fb422151d2a3d19c0eecb337febee0
-
SHA1
85aa7120b55f8386028f1bb845433676d0a07556
-
SHA256
fced7c97085c701b3ddfe7080002ee47738f9d2d10dca0004c2adf961e051656
-
SHA512
a42b4aba04b4cff61cb2561a4ba4fac7d8a37d07c31108b6b8a3656cbb6ba8217a2ba5dc7bddb6a3152e31555ef9d0d499db1aac95f5da48862ad5d593c6af19
-
SSDEEP
12288:sy902wGr7W1USP9tOF26u2/Ec6/+9zNDlzkPn1NRV:syBrqUS1Mju28wNDgv3
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1