General
Target: 71aa2baeb8696d348af4535cf5e78b7a71078e68ff7521675ad4df01f570f2f3N
Size: 618KB
Sample: 241111-gq1whathnp
MD5: 5dc9d78400ef4706d4912a0d3e83cd30
SHA1: bbd38c1b763004adefdd112deada9b43ae2098de
SHA256: 71aa2baeb8696d348af4535cf5e78b7a71078e68ff7521675ad4df01f570f2f3
SHA512: 865e9e4329c10e22f6855a41c246a18fd30dea18d3bf84889976259e612e6f81d664840d1190607f835be89dcf6d4d07646f8ec9a4b26037f112caf838c1b70b
SSDEEP: 12288:Qy902mtg4JQ9wyvnK2TI28GaBXG3WVaxvH+j0kEI:Qys/J3yvnK2TI6UEWevewkEI
Static task: static1
Behavioral task: behavioral1
Sample: 71aa2baeb8696d348af4535cf5e78b7a71078e68ff7521675ad4df01f570f2f3N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 71aa2baeb8696d348af4535cf5e78b7a71078e68ff7521675ad4df01f570f2f3N
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)
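The two persistence techniques the sandbox mapped for this sample, Registry Run Keys / Startup Folder (T1547.001) and Windows Service (T1543.003), are the ones an analyst would want to hunt for on a host that ran it. The following is an added detection example, not part of the sandbox report and not code from the Healer or RedLine samples: it walks JSON-encoded Windows events and flags Sysmon Event ID 13 (registry value set) writes under a Run/RunOnce key and System log Event ID 7045 (service installed), ranking a hit higher when the autostarted executable lives in a user-writable directory, which is where droppers typically leave their payload. The event records, field names and paths are constructed for the example; the sandbox report does not disclose the key name or file path this sample used.

```python
import json
import re
from typing import Dict, List

# Registry locations whose values are launched at logon (ATT&CK T1547.001).
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)
# First Windows-style path ending in .exe inside a value or command line.
EXE_PATH_RE = re.compile(r'([A-Za-z]:\\[^"<>|]*?\.exe)', re.IGNORECASE)
# Directories a non-admin dropper can write to. An autostart entry pointing
# here is far more suspicious than one under System32 or Program Files.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|Users\\Public|ProgramData|Downloads)\\", re.IGNORECASE
)


def extract_exe(text: str) -> str:
    """Return the first .exe path in a registry value or service ImagePath."""
    m = EXE_PATH_RE.search(text or "")
    return m.group(1) if m else ""


def is_user_writable(path: str) -> bool:
    return bool(USER_WRITABLE_RE.search(path))


def detect_persistence(json_lines: List[str]) -> List[Dict]:
    """Flag Run-key writes (Sysmon 13) and service installs (System 7045)."""
    findings: List[Dict] = []
    for line in json_lines:
        ev = json.loads(line)
        eid = ev.get("EventID")
        if eid == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            exe = extract_exe(ev.get("Details", ""))
            findings.append({
                "technique": "T1547.001",
                "where": ev["TargetObject"],
                "path": exe,
                "writer": ev.get("Image", ""),
                "user_writable": is_user_writable(exe),
            })
        elif eid == 7045:
            exe = extract_exe(ev.get("ImagePath", ""))
            findings.append({
                "technique": "T1543.003",
                "where": ev.get("ServiceName", ""),
                "path": exe,
                "writer": "services.exe",
                "user_writable": is_user_writable(exe),
            })
    return findings


def high_confidence(findings: List[Dict]) -> List[Dict]:
    """Keep only entries whose autostart target sits in a user-writable dir."""
    return [f for f in findings if f["user_writable"]]


# Constructed sample events (not from the sandbox run); JSON lines as a
# log shipper would emit them.
SAMPLE_EVENTS = [json.dumps(e) for e in [
    {"EventID": 13, "Image": r"C:\Users\victim\AppData\Local\Temp\dropper.exe",
     "TargetObject": r"HKU\S-1-5-21-1004\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdate",
     "Details": r"C:\Users\victim\AppData\Roaming\svchost.exe"},
    {"EventID": 13, "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"C:\Windows\System32\SecurityHealthSystray.exe"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Startup",
     "Details": r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"},
    {"EventID": 7045, "ServiceName": "UpdateHelperSvc",
     "ImagePath": r'"C:\ProgramData\update\hsvc.exe" -k'},
    {"EventID": 7045, "ServiceName": "WinHttpAutoProxySvc",
     "ImagePath": r"C:\Windows\System32\svchost.exe -k netsvcs"},
    {"EventID": 1, "Image": r"C:\Windows\System32\cmd.exe"},
]]

if __name__ == "__main__":
    for f in high_confidence(detect_persistence(SAMPLE_EVENTS)):
        print(f"{f['technique']} {f['where']} -> {f['path']} (by {f['writer']})")
```

Run-key writes and service installs in system directories are still reported by detect_persistence, only with user_writable set to False, so a reviewer can triage them separately rather than losing them; on real telemetry the Image field of the Sysmon 13 event (the process that wrote the key) is usually the dropped executable itself and is worth pivoting on.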