General
-
Target
6f7a4ee9285ba59759f85e793b2c32ee0cdc494f1b62ddfc4f12b8cebf06de61
-
Size
563KB
-
Sample
241111-gwdcdsvdkg
-
MD5
749b5ca141b359e894284cd872179958
-
SHA1
686f5225c4692b0d46fa1fe4db61644435891b49
-
SHA256
6f7a4ee9285ba59759f85e793b2c32ee0cdc494f1b62ddfc4f12b8cebf06de61
-
SHA512
a77928f58226e7ce3fa2e9cc8add4089778057100e976583ef9e0a5da6ce3dc27cb8d4950363933c46fcc431729b9270279c4b00b9c940e3aff59bd2be8a760c
-
SSDEEP
12288:Py90yF4QdYf5dcIDI3NjLguPMCzbZa5WpPIclk7I:PyVF4j5SYI3N3gAaqPNh
Static task
static1
Behavioral task
behavioral1
Sample
6f7a4ee9285ba59759f85e793b2c32ee0cdc494f1b62ddfc4f12b8cebf06de61.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6f7a4ee9285ba59759f85e793b2c32ee0cdc494f1b62ddfc4f12b8cebf06de61
-
Size
563KB
-
MD5
749b5ca141b359e894284cd872179958
-
SHA1
686f5225c4692b0d46fa1fe4db61644435891b49
-
SHA256
6f7a4ee9285ba59759f85e793b2c32ee0cdc494f1b62ddfc4f12b8cebf06de61
-
SHA512
a77928f58226e7ce3fa2e9cc8add4089778057100e976583ef9e0a5da6ce3dc27cb8d4950363933c46fcc431729b9270279c4b00b9c940e3aff59bd2be8a760c
-
SSDEEP
12288:Py90yF4QdYf5dcIDI3NjLguPMCzbZa5WpPIclk7I:PyVF4j5SYI3N3gAaqPNh
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1