General
Target: d241c3ee3226b473ce781e6640d3c24944ed93e186e357bf4d73f4eebace3453
Size: 1.3MB
Sample: 241111-grnmkatldw
MD5: 94a4ffea38725bd3e209ef688e0c6be8
SHA1: d08b4d9b5a76baea58069ba6c63aedfefbdb9bb7
SHA256: d241c3ee3226b473ce781e6640d3c24944ed93e186e357bf4d73f4eebace3453
SHA512: 23511277f57334de76a9062c88d87282df7df74be31467a915fbf01c4eb81f68d8a5061514933cd59f649e4f705d6cfb1b3e9f4808a9684157e6c8d13b36db79
SSDEEP: 24576:TysEziN50opohiUnAig8+DAPxVjP/SaJMqlbrZrGga:msd01lt2exVjPKaiql
Static task: static1
Behavioral task: behavioral1
Sample: d241c3ee3226b473ce781e6640d3c24944ed93e186e357bf4d73f4eebace3453.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)