General

Target: 124fea01f1b5265689c99702e0656895d1ed6654534223fc3b85114175083663N
Size: 942KB
Sample: 241111-ggt2latkcy
MD5: 78afcb17c77262b6b6666c2d4b102230
SHA1: 33240ba6b7da465306afdd0308f7b58230329861
SHA256: 124fea01f1b5265689c99702e0656895d1ed6654534223fc3b85114175083663
SHA512: 73b522427537f06771c158a0035c31d88e47d86f803626321c206431e83289dffbf73ea6d16400515a2c9b3ab872a35b41a376b7bff5754df52a09546cb226a5
SSDEEP: 24576:iyKm/eLOFQzXXLYHLtXuponrptOmVQGDu8KDRY:J3xFw0xuporpWGWl

Static task: static1
Behavioral task: behavioral1
Sample: 124fea01f1b5265689c99702e0656895d1ed6654534223fc3b85114175083663N.exe
Resource: win10v2004-20241007-en
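The only indicators this report publishes are file hashes, so the first thing a practitioner does with it is check a suspect file against them. The following is an added Python example, not part of the sandbox output: it embeds the four digests listed above, sanity-checks their length before they are used for pivoting, hashes a stream once with all four algorithms, and reports which of them match. The SSDEEP value is kept for reference only, since computing it needs the third-party ssdeep module; the bytes hashed in the offline demo are constructed and are not the sample.

```python
"""Hash-based IOC check for the sample described in this report.
Added example (not the sandbox's own code); the demo input is a
constructed byte string, not the malware sample."""
import hashlib
import io

# Digests exactly as published in the report.  SSDEEP is a fuzzy hash that
# needs the third-party ssdeep module, so it is kept for reference only.
IOC_HASHES = {
    "md5": "78afcb17c77262b6b6666c2d4b102230",
    "sha1": "33240ba6b7da465306afdd0308f7b58230329861",
    "sha256": "124fea01f1b5265689c99702e0656895d1ed6654534223fc3b85114175083663",
    "sha512": (
        "73b522427537f06771c158a0035c31d88e47d86f803626321c206431e83289df"
        "fbf73ea6d16400515a2c9b3ab872a35b41a376b7bff5754df52a09546cb226a5"
    ),
}
IOC_SSDEEP = "24576:iyKm/eLOFQzXXLYHLtXuponrptOmVQGDu8KDRY:J3xFw0xuporpWGWl"

# Hex length of each digest; catches truncated copy/paste before pivoting.
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(iocs=IOC_HASHES):
    """Return names of entries that are not hex digests of the expected length."""
    hexdigits = set("0123456789abcdef")
    return [
        algo for algo, value in iocs.items()
        if len(value) != HEX_LEN[algo] or not set(value.lower()) <= hexdigits
    ]


def digest_stream(stream, chunk_size=1 << 20):
    """Read a binary stream once and return {algo: hexdigest} for all four algorithms."""
    hashers = {algo: hashlib.new(algo) for algo in HEX_LEN}
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def digest_bytes(data):
    """Convenience wrapper for in-memory data."""
    return digest_stream(io.BytesIO(data))


def match_iocs(digests, iocs=IOC_HASHES):
    """Return the sorted list of algorithms whose digest equals the published value.

    An empty list means no match.  A partial match (e.g. MD5 only) would point
    at a collision or a transcription error and deserves a second look.
    """
    return sorted(
        algo for algo, value in digests.items()
        if iocs.get(algo, "").lower() == value.lower()
    )


def check_file(path):
    """Hash a file on disk and report which published digests it matches."""
    with open(path, "rb") as f:
        return match_iocs(digest_stream(f))


if __name__ == "__main__":
    import sys
    if validate_iocs():
        sys.exit("malformed IOC entries: %s" % validate_iocs())
    if len(sys.argv) > 1:
        print(check_file(sys.argv[1]))
    else:  # offline demo on constructed bytes: expect no match
        print(match_iocs(digest_bytes(b"constructed benign bytes, not the sample")))
```

Run it as `python ioc_check.py <file>` to test a file on disk; with no argument it hashes a constructed string and returns an empty list. Requiring all four algorithms to agree costs nothing (the file is read once) and makes a single-algorithm mismatch visible instead of silently accepted.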
Malware Config
Targets

Target: 124fea01f1b5265689c99702e0656895d1ed6654534223fc3b85114175083663N
Size: 942KB
Hashes: MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
- RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1