General
Target: d2b350d0cf8c4f65b6093d5d19aca8435e63cd50f5cf7b20c100649e911df75f
Size: 560KB
Sample: 241111-gqde7stlbz
MD5: 5fb89d7159e987a3010578a88187323f
SHA1: dc9cd41aa41c3689543c3a045c490b3bd83f6d35
SHA256: d2b350d0cf8c4f65b6093d5d19aca8435e63cd50f5cf7b20c100649e911df75f
SHA512: 273397f37576a35d9859faa2a4b0196cba0fce2be376f9d2a9ab81ebce0c73639cd1374342b643b11b3df8accb4164492f4e55450df85c1326d00ee1cbc34861
SSDEEP: 12288:oy90Z4FbxQ8qom654mii73ZphBMfFTN1BQudVJdegG6RA3st32:oy84vhDDx0bywjR3t32
Static task: static1
Behavioral task: behavioral1
Sample: d2b350d0cf8c4f65b6093d5d19aca8435e63cd50f5cf7b20c100649e911df75f.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: d2b350d0cf8c4f65b6093d5d19aca8435e63cd50f5cf7b20c100649e911df75f
Size: 560KB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)
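The two behavioural signatures above, "Executes dropped EXE" and "Adds Run key to start application" (the ATT&CK Registry Run Keys / Startup Folder technique, T1547.001), are what a host-based detection would key on. The following is an added triage example, not code from the sandbox report or from any vendor: it walks constructed Sysmon-style event lines (process create, file create, registry value set), pairs a written EXE with its later execution, flags writes under Run/RunOnce keys, and reports when an autostart entry points at the dropped file. The log lines, the paths, the value name "Updater" and the dropper name sample.exe are all made-up assumptions, not data from this sample.

```python
"""Flag dropped-EXE execution and Run-key autostart writes in Sysmon-style
event lines. Added example; the log lines below are constructed, not captured
from the sample in the report."""
import re
from typing import Dict, List, Tuple

# Autostart locations under HKCU/HKU and HKLM (ATT&CK T1547.001).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce|RunServices|RunServicesOnce)\\",
    re.IGNORECASE,
)

# Sysmon "Name=value" fields; values may contain spaces, so a value only ends
# before the next " Name=" token or at end of line.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")

# Constructed Sysmon-like lines (EventID 1 = process create, 11 = file create,
# 13 = registry value set). Paths, names and the SID are assumptions.
SAMPLE_EVENTS = [
    "EventID=1 Image=C:\\Users\\user\\Desktop\\sample.exe ParentImage=C:\\Windows\\explorer.exe",
    "EventID=11 Image=C:\\Users\\user\\Desktop\\sample.exe TargetFilename=C:\\Users\\user\\AppData\\Local\\Temp\\svchost_upd.exe",
    "EventID=1 Image=C:\\Users\\user\\AppData\\Local\\Temp\\svchost_upd.exe ParentImage=C:\\Users\\user\\Desktop\\sample.exe",
    "EventID=13 Image=C:\\Users\\user\\AppData\\Local\\Temp\\svchost_upd.exe TargetObject=HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater Details=C:\\Users\\user\\AppData\\Local\\Temp\\svchost_upd.exe",
    "EventID=13 Image=C:\\Windows\\System32\\svchost.exe TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders\\Desktop Details=C:\\Users\\user\\Desktop",
]


def parse_event(line: str) -> Dict[str, str]:
    """Split one 'Name=value Name=value' line into a dict."""
    return {name: value for name, value in FIELD_RE.findall(line)}


def find_autostart(lines: List[str]) -> List[Dict[str, str]]:
    """Registry value writes (EventID 13) under a Run/RunOnce key."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") == "13" and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            hits.append({
                "writer": ev.get("Image", ""),
                "key": ev["TargetObject"],
                "command": ev.get("Details", ""),
                "technique": "T1547.001",
            })
    return hits


def find_dropped_exec(lines: List[str]) -> List[Tuple[str, str]]:
    """Pair each EXE written by a process (EventID 11) with a later process
    creation (EventID 1) of that same path: (dropper image, dropped image)."""
    dropped: Dict[str, str] = {}  # lowercase dropped path -> dropper image
    pairs = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") == "11" and ev.get("TargetFilename", "").lower().endswith(".exe"):
            dropped[ev["TargetFilename"].lower()] = ev.get("Image", "")
        elif ev.get("EventID") == "1" and ev.get("Image", "").lower() in dropped:
            pairs.append((dropped[ev["Image"].lower()], ev["Image"]))
    return pairs


def triage(lines: List[str]) -> Dict[str, object]:
    """Combine both detections; an autostart entry whose command is a file the
    sample itself dropped is the strongest persistence signal."""
    autostart = find_autostart(lines)
    dropped = find_dropped_exec(lines)
    dropped_paths = {path.lower() for _, path in dropped}
    persistent = [h for h in autostart if h["command"].lower() in dropped_paths]
    return {
        "autostart": autostart,
        "dropped_exec": dropped,
        "persistent_dropped_exe": persistent,
        "techniques": sorted({h["technique"] for h in autostart}),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_EVENTS).items():
        print(f"{key}: {value}")
```

The file-create to process-create pairing is what turns a generic "wrote an EXE to Temp" event into the report's "Executes dropped EXE" signature, and matching the Run-key value data against the dropped path is what separates malware persistence from the many benign Run-key writes an installer makes. The key regex only covers Run/RunOnce variants; the Startup folder half of T1547.001 would need a file-create rule on the Startup directory instead.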