General
-
Target
153de3efcbc7b2f808fdf41c09746b45baebd6c17f077b5fb8216d96bd2c40a2
-
Size
376KB
-
Sample
241111-gq9hmstlc1
-
MD5
9d455d205f37e412abec0a90b2f1e866
-
SHA1
d3656e0e73dd2c61182aa06eca3702164fddb717
-
SHA256
153de3efcbc7b2f808fdf41c09746b45baebd6c17f077b5fb8216d96bd2c40a2
-
SHA512
5079e7ca95774bb66db2b423718358576a00d26bbf21e848743497359dca2df8e07a13dd6482d158b45c25a5bdeb15dee5f5ff909cce06cbd48d4a48f1589353
-
SSDEEP
6144:K3y+bnr+Hp0yN90QEmnHgKPRWkfajncQEC/cv/ADWj84NrhTd/1xKh:xMrzy90AHHfQZcnAa84Nf/1xM
Static task
static1
Behavioral task
behavioral1
Sample
153de3efcbc7b2f808fdf41c09746b45baebd6c17f077b5fb8216d96bd2c40a2.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
153de3efcbc7b2f808fdf41c09746b45baebd6c17f077b5fb8216d96bd2c40a2
-
Size
376KB
-
MD5
9d455d205f37e412abec0a90b2f1e866
-
SHA1
d3656e0e73dd2c61182aa06eca3702164fddb717
-
SHA256
153de3efcbc7b2f808fdf41c09746b45baebd6c17f077b5fb8216d96bd2c40a2
-
SHA512
5079e7ca95774bb66db2b423718358576a00d26bbf21e848743497359dca2df8e07a13dd6482d158b45c25a5bdeb15dee5f5ff909cce06cbd48d4a48f1589353
-
SSDEEP
6144:K3y+bnr+Hp0yN90QEmnHgKPRWkfajncQEC/cv/ADWj84NrhTd/1xKh:xMrzy90AHHfQZcnAa84Nf/1xM
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1