General
Target: 182adf87a70fdb2689464abbafbf96650afa0a206e51f50ce3732bd544dd7541.exe
Size: 746KB
Sample: 241111-gq4bmavcnf
MD5: 58650285e9433ac6726f8f145a49847d
SHA1: 2b21f837e830b660cdff8092e3d3fc2c3bf6e5b4
SHA256: 182adf87a70fdb2689464abbafbf96650afa0a206e51f50ce3732bd544dd7541
SHA512: c9a52b12cabaca4c09071385545b7b63e02b3174d52636dcf2e20df22622b50141a5d76ff2e08a97dbbce546b211d05c248cc0daa1376aadb7386f7f5bbfe578
SSDEEP: 12288:9y90anU2UDA6w1dXSiY7ywxypAniaMZJtE9Nk2JF8f0F88udRojdqePZhOktNmo2:9yCTDA6wviilvpgiaM5ENFqTIhvP+kON
Static task: static1
Behavioral task: behavioral1
Sample: 182adf87a70fdb2689464abbafbf96650afa0a206e51f50ce3732bd544dd7541.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 182adf87a70fdb2689464abbafbf96650afa0a206e51f50ce3732bd544dd7541.exe
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)