General
Target: 82f7aa39e2b30b395d9b4df172f054756171f7328d99d519bef4169e3746e02d
Size: 563KB
Sample: 241111-hteccaymcm
MD5: ec36c8d3c68a9fe9b7dbeacb36218694
SHA1: 9c11ce12f4630d8b7549206a6b141544c63c1cd1
SHA256: 82f7aa39e2b30b395d9b4df172f054756171f7328d99d519bef4169e3746e02d
SHA512: 43337db21fed7e086b3d5b55dec4ce172263bf7755c634fbcc628b4394f4a976d967948c99442b82bbe81a3910d976780b82503e9d003b336c4caf0d42a1a9ba
SSDEEP: 12288:Ky90JEyvh73XGGOwKIyKm4ZDIUDVhMH2z8Cei/KDnfKI/J:Kyjwh7nGxDkDIsXy2oI/KDfB/J

Static task: static1
Behavioral task: behavioral1
Sample: 82f7aa39e2b30b395d9b4df172f054756171f7328d99d519bef4169e3746e02d.exe
Resource: win10v2004-20241007-en
Malware Config

Targets
Target: 82f7aa39e2b30b395d9b4df172f054756171f7328d99d519bef4169e3746e02d
Size: 563KB
MD5: ec36c8d3c68a9fe9b7dbeacb36218694
SHA1: 9c11ce12f4630d8b7549206a6b141544c63c1cd1
SHA256: 82f7aa39e2b30b395d9b4df172f054756171f7328d99d519bef4169e3746e02d
SHA512: 43337db21fed7e086b3d5b55dec4ce172263bf7755c634fbcc628b4394f4a976d967948c99442b82bbe81a3910d976780b82503e9d003b336c4caf0d42a1a9ba
SSDEEP: 12288:Ky90JEyvh73XGGOwKIyKm4ZDIUDVhMH2z8Cei/KDnfKI/J:Kyjwh7nGxDkDIsXy2oI/KDfB/J
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)