General
Target: 1d755a6a58a0f96c353797922fd809065fad10c55d0e9036e4e942f1662a1b34N
Size: 642KB
Sample: 241111-gqbxdathnj
MD5: 955356b398feec5d7dab13bd2790fa40
SHA1: efab8b102454e5121329bd9816e338c9f3740911
SHA256: 1d755a6a58a0f96c353797922fd809065fad10c55d0e9036e4e942f1662a1b34
SHA512: 19161965fad79b31eee2ec614a1cf01cbfae0e4a8ef029cd28d4ba1504eea8d80bd35e75ac27f3e38a2abdd96313125af1d6ac1851fa6ed6f66c9ed9b1155b07
SSDEEP: 12288:Uy90DlGK9Ada9x1tn17OrvVy/WW6tq1qbPKyA+rPV05DU:UyClGKadaP17Wvcl6tq1qbPN1N05DU
Static task: static1
Behavioral task: behavioral1
Sample: 1d755a6a58a0f96c353797922fd809065fad10c55d0e9036e4e942f1662a1b34N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 1d755a6a58a0f96c353797922fd809065fad10c55d0e9036e4e942f1662a1b34N
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)