General
-
Target
7ca2c01a112630dc483d6449715c0f62c1bd3fb0d5453640eed527c9f9a2cbf0
-
Size
546KB
-
Sample
241111-gjrz1sxnfq
-
MD5
464b9c1ae4733aa2263e76d5a30adc70
-
SHA1
0b101fb3db084724d52823c5159d9ffdd815ef6f
-
SHA256
7ca2c01a112630dc483d6449715c0f62c1bd3fb0d5453640eed527c9f9a2cbf0
-
SHA512
07cfbe4551477b6a4d56336f031e6c3d2de4108bc5d59a7bada32943bdf95924d70a198520c4f6fc461e19094ae4cf3393539e46b13ba7a448fa6a319316ff91
-
SSDEEP
12288:RMrby90ptScV0lKgmWR2Qe1Z1NBytsyMfc4giqn3MwsEvi:CyUPV0u1Z1N4tH4nysE6
Static task
static1
Behavioral task
behavioral1
Sample
7ca2c01a112630dc483d6449715c0f62c1bd3fb0d5453640eed527c9f9a2cbf0.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
rosto
hueref.eu:4162
-
auth_value
07d81eba8cad42bbd0ae60042d48eac6
Targets
-
-
Target
7ca2c01a112630dc483d6449715c0f62c1bd3fb0d5453640eed527c9f9a2cbf0
-
Size
546KB
-
MD5
464b9c1ae4733aa2263e76d5a30adc70
-
SHA1
0b101fb3db084724d52823c5159d9ffdd815ef6f
-
SHA256
7ca2c01a112630dc483d6449715c0f62c1bd3fb0d5453640eed527c9f9a2cbf0
-
SHA512
07cfbe4551477b6a4d56336f031e6c3d2de4108bc5d59a7bada32943bdf95924d70a198520c4f6fc461e19094ae4cf3393539e46b13ba7a448fa6a319316ff91
-
SSDEEP
12288:RMrby90ptScV0lKgmWR2Qe1Z1NBytsyMfc4giqn3MwsEvi:CyUPV0u1Z1N4tH4nysE6
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1