General
-
Target
06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f
-
Size
923KB
-
Sample
241111-gm9dgathkj
-
MD5
3792ee874ba70e8fb92793779faa80eb
-
SHA1
b70e78b692b16d8303cd8dc536f5d01b9f23a9cc
-
SHA256
06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f
-
SHA512
ff0a515d205c323a9e52fb64ce3d5b84a2c4475c1cdf0e8a973743eb6c2b16695d1105679a2a881b73cbcd9909d3ff3bd08f259f9a9f24a0e928e4384851bf75
-
SSDEEP
24576:5yK96KQhGSAOSz50wV3fDfvfxQKprh26Q+i:ss/WGZNf5LZlpYS
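The digest set above is what ties this report to a file on disk. The following Python is an added example, not part of the sandbox report: it computes the same four digests (MD5, SHA1, SHA256, SHA512) plus the size in one pass over a file and checks them against the indicator values copied from the report. ssdeep is left out because it needs a third-party module; exact-hash matching is enough for IOC sweeps. The `REPORT_IOCS` values are taken from the report; everything else (function names, the directory-walk helper) is this example's own.

```python
"""Hash-based IOC matching for the sample described in this report (added example)."""
import hashlib
import io
import os

# Indicator values copied from the report's General section (hex, case-insensitive).
REPORT_IOCS = {
    "md5": "3792ee874ba70e8fb92793779faa80eb",
    "sha1": "b70e78b692b16d8303cd8dc536f5d01b9f23a9cc",
    "sha256": "06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f",
    "sha512": "ff0a515d205c323a9e52fb64ce3d5b84a2c4475c1cdf0e8a973743eb6c2b16695d1105679a2a881b73cbcd9909d3ff3bd08f259f9a9f24a0e928e4384851bf75",
}

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream, chunk_size=1 << 20):
    """Hash a binary stream once, feeding every algorithm from the same chunks.

    Returns (digests, size) where digests maps algorithm name -> lowercase hex.
    """
    hashers = {name: hashlib.new(name) for name in ALGOS}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}, size


def digest_bytes(data: bytes):
    """Convenience wrapper for in-memory data (used by the constructed test input)."""
    return digest_stream(io.BytesIO(data))


def digest_file(path):
    with open(path, "rb") as f:
        return digest_stream(f)


def match_iocs(digests, iocs=REPORT_IOCS):
    """Return the algorithms whose digest equals the IOC value.

    The full list is returned rather than a boolean: a partial hit (say MD5 only)
    means either an inconsistent IOC list or an engineered collision, and an
    analyst wants to see that rather than have it collapsed into True/False.
    """
    return [
        name for name in ALGOS
        if digests.get(name, "").lower() == iocs.get(name, "").lower()
    ]


def scan_directory(root, iocs=REPORT_IOCS):
    """Walk a directory tree and return [(path, [matched algorithms]), ...]."""
    hits = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            path = os.path.join(dirpath, fn)
            try:
                digests, _ = digest_file(path)
            except OSError:
                continue  # unreadable or vanished file; skip rather than abort the sweep
            matched = match_iocs(digests, iocs)
            if matched:
                hits.append((path, matched))
    return hits


if __name__ == "__main__":
    import sys

    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, algos in scan_directory(root):
        print(f"{path}: matches report IOC on {', '.join(algos)}")
```

Run it against a quarantine or download directory; a hit on all four algorithms is the expected shape for the sample above, and anything less than all four deserves a second look at where the IOC values came from.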
Static task
static1
Behavioral task
behavioral1
Sample
06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f
-
Size
923KB
-
MD5
3792ee874ba70e8fb92793779faa80eb
-
SHA1
b70e78b692b16d8303cd8dc536f5d01b9f23a9cc
-
SHA256
06b135f8ef02753255a52a25873ee14e8303dfa72108708cc6ccadfd29bf188f
-
SHA512
ff0a515d205c323a9e52fb64ce3d5b84a2c4475c1cdf0e8a973743eb6c2b16695d1105679a2a881b73cbcd9909d3ff3bd08f259f9a9f24a0e928e4384851bf75
-
SSDEEP
24576:5yK96KQhGSAOSz50wV3fDfvfxQKprh26Q+i:ss/WGZNf5LZlpYS
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (T1547): 1
Registry Run Keys / Startup Folder (T1547.001): 1
Create or Modify System Process (T1543): 1
Windows Service (T1543.003): 1
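The "Adds Run key to start application" signature and the Registry Run Keys / Startup Folder technique above are the persistence you would hunt for on a host that ran this sample. The following Python is an added example, not part of the sandbox report: it parses a `reg export` of the Run/RunOnce keys and flags entries that point at user-writable directories, bare filenames resolved via PATH, script-host launchers, or system-binary names living outside `\Windows\`. The `SAMPLE_EXPORT` text is constructed for illustration and is not taken from the report; the heuristics produce triage signals, not verdicts, and are meant to be paired with a hash match on the sample.

```python
"""Triage Run/RunOnce autostart entries from a .reg export (added example)."""
import re
from typing import Iterator

# Directories an ordinary user can write to. An autostart living here is a
# common dropper/stealer pattern; legitimate software uses them too, so this
# is a signal to investigate, not a verdict.
USER_WRITABLE = (
    "\\appdata\\local\\temp\\",
    "\\appdata\\roaming\\",
    "\\users\\public\\",
    "\\programdata\\",
    "\\temp\\",
)
# Script hosts and proxies commonly used to launch a payload indirectly.
LOLBINS = ("cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
           "mshta.exe", "rundll32.exe", "regsvr32.exe")
# Names of core Windows binaries that malware likes to borrow.
SYSTEM_NAMES = ("svchost.exe", "explorer.exe", "csrss.exe", "lsass.exe")

_KEY_RE = re.compile(r"^\[(.+)\]$")
# "name"="data"  (data may be quoted REG_SZ or dword:/hex: forms)
_VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=("(?:[^"\\]|\\.)*"|.*)$')


def _unescape(s: str) -> str:
    # .reg files escape backslash and double quote with a leading backslash.
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text: str) -> Iterator[tuple[str, str, str]]:
    """Yield (key, value_name, command) for REG_SZ values under Run/RunOnce keys."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        if key is None or not key.lower().endswith(("\\run", "\\runonce")):
            continue
        m = _VALUE_RE.match(line)
        if not m:
            continue
        name, data = m.group(1), m.group(2)
        if not data.startswith('"'):
            continue  # dword:/hex: values (e.g. REG_EXPAND_SZ) are not handled here
        yield key, _unescape(name), _unescape(data[1:-1])


def executable_path(command: str) -> str:
    """Best-effort extraction of the program path from a Run-key command line."""
    cmd = command.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = re.search(r"\.exe", cmd, re.IGNORECASE)
    if m:
        return cmd[: m.end()]
    return cmd.split(None, 1)[0] if cmd else ""


def assess(command: str) -> list[str]:
    """Return the reasons an autostart command looks suspicious ([] = nothing flagged)."""
    reasons = []
    lowered = command.lower()
    path = executable_path(command).lower()
    basename = path.rsplit("\\", 1)[-1]
    if any(marker in lowered for marker in USER_WRITABLE):
        reasons.append("references a user-writable directory")
    if "\\" not in path:
        reasons.append(f"bare filename resolved via PATH: {path}")
    if basename in LOLBINS:
        reasons.append(f"launches through {basename}")
    if basename in SYSTEM_NAMES and "\\windows\\" not in path:
        reasons.append(f"{basename} outside the Windows directory")
    return reasons


def triage(reg_text: str) -> list[dict]:
    """Parse an export and return only the entries that trip at least one heuristic."""
    findings = []
    for key, name, command in parse_reg_export(reg_text):
        reasons = assess(command)
        if reasons:
            findings.append({"key": key, "name": name, "command": command, "reasons": reasons})
    return findings


# Constructed sample export for illustration; not taken from the report.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\user\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"Updater"="C:\\Users\\user\\AppData\\Local\\Temp\\svchost.exe"
"Helper"="wscript.exe //B \"C:\\Users\\Public\\helper.vbs\""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ShellState"=hex:24,00,00,00
'''

if __name__ == "__main__":
    import sys

    text = open(sys.argv[1], encoding="utf-16").read() if len(sys.argv) > 1 else SAMPLE_EXPORT
    for f in triage(text):
        print(f"{f['key']}\\{f['name']} -> {f['command']}")
        for r in f["reasons"]:
            print(f"    - {r}")
```

On a live host, export both hives first (`reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" run.reg`, and the same path under HKLM), then feed the files in; `reg export` writes UTF-16, which is why the script opens files with that encoding. The Windows Service technique listed above needs a different data source (the `SYSTEM\CurrentControlSet\Services` key or `sc query`), which this example does not cover.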