General
- Target: ade941723c3d6d40c3c5d34efb3e937a15efaacc78463433ecc37d6034034c4d
- Size: 704KB
- Sample: 241111-gpz8ksthmm
- MD5: 88e6e6babd23c6cde2f247d3ab5e1060
- SHA1: 3f756ae2d34ae0d53654fffb65a2748513b607e8
- SHA256: ade941723c3d6d40c3c5d34efb3e937a15efaacc78463433ecc37d6034034c4d
- SHA512: 9178a5d8ab087d20e6015048f87c8d0c9ff1e50634f8e097b67397e09c077b52926e259e0341b853f07e813ceace70e141df15f1178d1c9991359d922a6eddfd
- SSDEEP: 12288:Py90agK/J5JhFRjHY1g6ohhmWeY1dZR4gVHMWCsifKqbDLdMa/yv:PyMKB5JprCfcneaicHpefKq/Ldgv

Static task: static1
Behavioral task: behavioral1
Sample: ade941723c3d6d40c3c5d34efb3e937a15efaacc78463433ecc37d6034034c4d.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: ade941723c3d6d40c3c5d34efb3e937a15efaacc78463433ecc37d6034034c4d
- Size: 704KB
- MD5: 88e6e6babd23c6cde2f247d3ab5e1060
- SHA1: 3f756ae2d34ae0d53654fffb65a2748513b607e8
- SHA256: ade941723c3d6d40c3c5d34efb3e937a15efaacc78463433ecc37d6034034c4d
- SHA512: 9178a5d8ab087d20e6015048f87c8d0c9ff1e50634f8e097b67397e09c077b52926e259e0341b853f07e813ceace70e141df15f1178d1c9991359d922a6eddfd
- SSDEEP: 12288:Py90agK/J5JhFRjHY1g6ohhmWeY1dZR4gVHMWCsifKqbDLdMa/yv:PyMKB5JprCfcneaicHpefKq/Ldgv
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)