General
Target: 19f5a9b950d9469e4d3fdd4161f7632a192f5f6e2788584d5121f02d08f8f11eN
Size: 943KB
Sample: 241111-gm6btaxpbp
MD5: b58e9b97a201ade79b947f1536bcea30
SHA1: 3e3908609dc67480803cbe4ffb8f563249f752da
SHA256: 19f5a9b950d9469e4d3fdd4161f7632a192f5f6e2788584d5121f02d08f8f11e
SHA512: 03f6ce080308dc505f44b49ea0c08ae557dc700423ca57dba26e13a500d74b888d8504a7603e5d6260f1fee852bdc42365a272d7c34be20cdd5f8916435fa887
SSDEEP: 12288:my90kb0ebql9QLAYJWtq3bfvwwktQunTDlyPBxcBIGSSWNnH2yNd4xzeg4pm:myL05lsAb4bwr9JOiOYwbsK3pm
Static task: static1
Behavioral task: behavioral1
Sample: 19f5a9b950d9469e4d3fdd4161f7632a192f5f6e2788584d5121f02d08f8f11eN.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)