General
-
Target
c6cc56aa8b44da0bfcb03bfc237e238aaa694e1ddca560d94c5430b0c3bc8320
-
Size
376KB
-
Sample
241111-hjvlksvdqk
-
MD5
226ebef289d183a186a2dcdaff6d9f10
-
SHA1
8f6779fce4c761ad3ffb02107a61b205f3505cd3
-
SHA256
c6cc56aa8b44da0bfcb03bfc237e238aaa694e1ddca560d94c5430b0c3bc8320
-
SHA512
e13bba9acf435644b89c12e55784dd02e86fb23a9b33d5e0ebecfc5f26c2511202f46cbaa4f2c1337fb5b72d32315f97644ff1f22309f0baf883302a912e0c27
-
SSDEEP
6144:KIy+bnr+Vp0yN90QEq9eQQAZtRYQsZA1CgFrHWYyjcMni8wi36xz1/krc7An60Ib:YMr9y90kVGTgtWdirF1/wPnnIb
Static task
static1
Behavioral task
behavioral1
Sample
c6cc56aa8b44da0bfcb03bfc237e238aaa694e1ddca560d94c5430b0c3bc8320.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c6cc56aa8b44da0bfcb03bfc237e238aaa694e1ddca560d94c5430b0c3bc8320
-
Size
376KB
-
MD5
226ebef289d183a186a2dcdaff6d9f10
-
SHA1
8f6779fce4c761ad3ffb02107a61b205f3505cd3
-
SHA256
c6cc56aa8b44da0bfcb03bfc237e238aaa694e1ddca560d94c5430b0c3bc8320
-
SHA512
e13bba9acf435644b89c12e55784dd02e86fb23a9b33d5e0ebecfc5f26c2511202f46cbaa4f2c1337fb5b72d32315f97644ff1f22309f0baf883302a912e0c27
-
SSDEEP
6144:KIy+bnr+Vp0yN90QEq9eQQAZtRYQsZA1CgFrHWYyjcMni8wi36xz1/krc7An60Ib:YMr9y90kVGTgtWdirF1/wPnnIb
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1