General
Target: 189c7eefab7ce0eb6c46397e8dc1c027ac26787339fa8c2583a9f11dd2c042ef
Size: 1.1MB
Sample: 241111-hjxe6svgqf
MD5: 1de5705e3bbc894d0066581b07bc9275
SHA1: 98164d7c6d360d17b17ef2f69cc30377031b2dba
SHA256: 189c7eefab7ce0eb6c46397e8dc1c027ac26787339fa8c2583a9f11dd2c042ef
SHA512: c19850cd43701b9ebb6262c6d51c9117d45a78f2a51d2148870667d2d5ef7a90369b9fe7b1b249189c803ec60c2e40cda1fb5e1121f6279ab767fb586e016185
SSDEEP: 24576:oywlIIRrkvR5d+BgQautHRumSGtul3GidEyz:v73d+BgQaYxe+uFnr

Static task: static1
Behavioral task: behavioral1
Sample: 189c7eefab7ce0eb6c46397e8dc1c027ac26787339fa8c2583a9f11dd2c042ef.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 189c7eefab7ce0eb6c46397e8dc1c027ac26787339fa8c2583a9f11dd2c042ef
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (T1547): 1
    Registry Run Keys / Startup Folder (T1547.001): 1
  Create or Modify System Process (T1543): 1
    Windows Service (T1543.003): 1
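The behaviour signatures listed for the target (Executes dropped EXE, Adds Run key to start application) and the ATT&CK persistence mapping above describe what the sandbox observed. The following is an added example, not part of the sandbox report or of the sandbox's own detection logic, of how a detection engineer would express those same three behaviours as a hunt over Sysmon-style telemetry: a process whose image was written earlier in the trace, a value set under a CurrentVersion\Run key, and an ImagePath set under a Services key. All event records, paths, PIDs and names below are constructed for the example; the field names are a simplified form of Sysmon's Image, TargetObject and Details.

```python
"""Detect dropped-EXE execution and Run-key / service persistence over
Sysmon-style events.

Sysmon event IDs used: 1 = ProcessCreate, 11 = FileCreate,
13 = RegistryEvent (value set).  The EVENTS list is CONSTRUCTED for
illustration; it is not telemetry from the sandbox run on this page.
"""
import re

# Persistence locations, matched case-insensitively on the tail of the
# registry path so both HKU\<SID>\... and HKLM\... spellings hit.
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.I)
SERVICE_IMAGE_RE = re.compile(
    r"\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})\\Services\\[^\\]+\\ImagePath$",
    re.I)

DROPPED = r"C:\Users\victim\AppData\Local\Temp\dropped.exe"   # constructed path

# Constructed Sysmon-like records in trace order.
EVENTS = [
    {"id": 1, "pid": 4412, "ppid": 812,
     "image": r"C:\Users\victim\Desktop\sample.exe"},
    # sample.exe writes a new executable ...
    {"id": 11, "pid": 4412, "target": DROPPED},
    # ... and then launches it: "Executes dropped EXE"
    {"id": 1, "pid": 5020, "ppid": 4412, "image": DROPPED},
    # the child registers itself in the per-user Run key (T1547.001)
    {"id": 13, "pid": 5020,
     "target": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\dropped",
     "details": DROPPED},
    # and points a service ImagePath at itself (T1543.003)
    {"id": 13, "pid": 5020,
     "target": r"HKLM\SYSTEM\CurrentControlSet\Services\svc_example\ImagePath",
     "details": DROPPED},
    # benign control: an executable nothing in the trace wrote must not fire
    {"id": 1, "pid": 6000, "ppid": 812,
     "image": r"C:\Program Files\Updater\updater.exe"},
]


def detect(events):
    """Return (technique, description) findings in trace order.

    A ProcessCreate is flagged only if its image path was the target of an
    earlier FileCreate in the same trace, which is what 'dropped' means here.
    """
    findings = []
    dropped = {}                       # lower-cased path -> pid that wrote it
    for ev in events:
        eid = ev["id"]
        if eid == 11 and ev["target"].lower().endswith(".exe"):
            dropped[ev["target"].lower()] = ev["pid"]
        elif eid == 1:
            writer = dropped.get(ev["image"].lower())
            if writer is not None:
                findings.append((
                    "Executes dropped EXE",
                    f"pid {ev['pid']} ran {ev['image']} written by pid {writer}"))
        elif eid == 13:
            if RUN_KEY_RE.search(ev["target"]):
                findings.append((
                    "T1547.001 Registry Run Keys / Startup Folder",
                    f"pid {ev['pid']} set {ev['target']} = {ev['details']}"))
            elif SERVICE_IMAGE_RE.search(ev["target"]):
                findings.append((
                    "T1543.003 Windows Service",
                    f"pid {ev['pid']} set {ev['target']} = {ev['details']}"))
    return findings


def techniques(events):
    """Sorted, de-duplicated technique labels, i.e. the report's mapping."""
    return sorted({t for t, _ in detect(events)})


if __name__ == "__main__":
    for technique, description in detect(EVENTS):
        print(f"{technique}: {description}")
```

The dropped-EXE rule keys on the FileCreate-then-ProcessCreate pair rather than on the path alone, so a legitimate binary that was already on disk is not flagged even if it lives under a user-writable directory; in production the same join is done across host and time window, and the Run-key and ImagePath rules are usually tightened further by checking whether the value data points into a user-writable location.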