General
- Target: 7a33ae5a53405997e8284a9d140db8a91fb0d65541323b92d68f149d229b8884
- Size: 566KB
- Sample: 241111-hnfm8aylfk
- MD5: 76cc5bcb3a567676b8b35afae9ca540d
- SHA1: 365d63f6a85234551b9c39e51cd30ce08255d52d
- SHA256: 7a33ae5a53405997e8284a9d140db8a91fb0d65541323b92d68f149d229b8884
- SHA512: 16a94559e0737a37ffab4f8b98290f7fdbfc28df81113deda2eccb3de6a81a24d2dcd38c6c9bfb16a72a23b5788837b2cce6dfb9271f28fc823fd4898ecf0d4b
- SSDEEP: 12288:by9063cGXPbEpW6Idw3ooe/PRy+ow4SYuT:byNc6PopW/YHeE+bD3
Static task: static1
Behavioral task: behavioral1
Sample: 7a33ae5a53405997e8284a9d140db8a91fb0d65541323b92d68f149d229b8884.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 7a33ae5a53405997e8284a9d140db8a91fb0d65541323b92d68f149d229b8884
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)