General
Target: 8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b
Size: 1.3MB
Sample: 241111-gf7w3atgkj
MD5: e2008e27badfc2ee5e267bb2174a28c0
SHA1: bb3c35b75f24aa4dddae6ce60a6407b291937c8f
SHA256: 8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b
SHA512: be27672c2d3e88cef86ae9482742b96bc3fe53490e6c3a351e31c3a542f559cc1011816434ec1aa97bacefce7c8672126fb329d03667216cb34fb2d0c7063512
SSDEEP: 24576:qIKq5dNtV7We2GWqerZwO7Fk8YxeU5F8Si5LO+rImHhAs4ew2Hk4Q:qI/NKeU1ZwO+eUv8Sima5u4
Static task: static1
Behavioral task: behavioral1
Sample: 8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b
Size: 1.3MB
- Detects Healer, an antivirus-disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
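Two things a responder does with a report like this one: confirm that a file on disk really is the reported sample by recomputing the MD5/SHA1/SHA256 listed above before blocking or detonating it, and hunt other hosts for the persistence the signatures describe ("Adds Run key to start application", T1547.001). The script below is an added example, not part of the sandbox output and not the sample's own code; the heuristics, the registry paths it enumerates and the sample Run values it ships with are constructed for illustration. The OneDrive entry is included deliberately, because legitimate software also autostarts from AppData, so a hit is a triage lead to be confirmed by signature or hash, not a verdict.

```python
"""Triage helpers for this report: verify the sample's hashes and hunt for the
Run-key persistence it exhibits. Added example, not part of the sandbox output."""
import hashlib
import re

try:
    import winreg  # live registry access, Windows only
except ImportError:  # any other OS: only the offline heuristics run
    winreg = None

# Hashes copied from the report's General section.
REPORT_HASHES = {
    "md5": "e2008e27badfc2ee5e267bb2174a28c0",
    "sha1": "bb3c35b75f24aa4dddae6ce60a6407b291937c8f",
    "sha256": "8aa1b8656ce1a83bbfd316f755761fc0d74ddb66a972c9b74d5bc64f319e791b",
}


def hash_bytes(data: bytes) -> dict:
    """Digest the bytes with every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if all three digests agree with the report, so a truncated
    or mistyped single hash cannot produce a false match."""
    return hash_bytes(data) == REPORT_HASHES


# Heuristics for a Run value written by a dropper (assumptions for this example):
# payload in a user-writable directory, launched through a script/DLL host, or
# carrying a system binary's name outside the Windows directory.
USER_WRITABLE = re.compile(
    r"\\(AppData\\(Local|Roaming)|Temp|Users\\Public|ProgramData|Downloads)\\", re.IGNORECASE)
LAUNCHERS = re.compile(
    r"\b(rundll32|regsvr32|mshta|wscript|cscript|powershell|cmd)(\.exe)?\b", re.IGNORECASE)
SYSTEM_NAMES = {"svchost.exe", "explorer.exe", "lsass.exe", "csrss.exe",
                "winlogon.exe", "services.exe"}


def command_image(command: str) -> str:
    """Executable path of a Run value's command line, quoted or unquoted."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r"(.*?\.exe)(\s|$)", command, re.IGNORECASE)  # unquoted path may contain spaces
    return m.group(1) if m else (command.split()[0] if command else "")


def suspicious_run_values(entries):
    """entries: iterable of (registry key, value name, command).
    Returns [(key, name, command, [reasons])] for the values worth a look."""
    hits = []
    for key, name, command in entries:
        image = command_image(command)
        basename = image.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        reasons = []
        if USER_WRITABLE.search(command):
            reasons.append("launches from a user-writable directory")
        if LAUNCHERS.search(image):
            reasons.append("uses a script/DLL host to launch the payload")
        if basename in SYSTEM_NAMES and not image.lower().startswith("c:\\windows\\"):
            reasons.append("system binary name outside the Windows directory")
        if reasons:
            hits.append((key, name, command, reasons))
    return hits


def read_run_values():
    """Collect Run/RunOnce values from the live registry; [] when not on Windows."""
    if winreg is None:
        return []
    found = []
    subkeys = (r"Software\Microsoft\Windows\CurrentVersion\Run",
               r"Software\Microsoft\Windows\CurrentVersion\RunOnce",
               r"Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run")
    for hive_name, hive in (("HKCU", winreg.HKEY_CURRENT_USER), ("HKLM", winreg.HKEY_LOCAL_MACHINE)):
        for sub in subkeys:
            try:
                key = winreg.OpenKey(hive, sub)
            except OSError:
                continue
            with key:
                i = 0
                while True:
                    try:
                        name, data, _ = winreg.EnumValue(key, i)
                    except OSError:  # no more values under this key
                        break
                    found.append((hive_name + "\\" + sub, name, str(data)))
                    i += 1
    return found


# Constructed Run values for an offline run: one legitimate autostart from
# AppData (OneDrive, the expected false positive) and two dropper-style ones.
SAMPLE_RUN_VALUES = [
    (r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run", "SecurityHealth",
     r'"C:\Program Files\Windows Defender\MSASCuiL.exe"'),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "OneDrive",
     r'"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Updater",
     r"C:\Users\alice\AppData\Roaming\svchost.exe"),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Loader",
     r"rundll32.exe C:\Users\alice\AppData\Local\Temp\core.dll,Run"),
]

if __name__ == "__main__":
    for key, name, cmd, reasons in suspicious_run_values(read_run_values() or SAMPLE_RUN_VALUES):
        print(f"{key}\\{name} = {cmd}\n    " + "; ".join(reasons))
```

On a Windows host the script reads the live Run/RunOnce keys (including the WOW6432Node view) and falls back to the constructed entries elsewhere. Every hit carries its reasons so the analyst can see why it surfaced; expect the OneDrive-style entries to appear and clear them by checking the binary's signature or hash against a known-good image rather than by allowlisting the file name, which a dropper can copy.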