General
-
Target
f27121d70a03997c8cdb31ccc8f75550349dfd096551d7b4839c20b46b637cbf.exe
-
Size
608KB
-
Sample
241112-x1a1tsxrh1
-
MD5
64b940746d57a89fbcbd8ab6079cecc4
-
SHA1
57b753e12672bc4b62d77b2077f1536a0b009b57
-
SHA256
f27121d70a03997c8cdb31ccc8f75550349dfd096551d7b4839c20b46b637cbf
-
SHA512
d61ddb72ffa7080f372ddd6799628bdca4bcdbf1f3e5299646b6e920caf00ac8f7ce83121260ffd82f43ce262b8a6e2a00761c5733ce9fac5afacc026a19c1e6
-
SSDEEP
12288:Ky90lqrPkMy8ptvNUFvtevgSlUoNtDZs3E4Y90:KyfwUvu6ll1tP480
Static task
static1
Behavioral task
behavioral1
Sample
f27121d70a03997c8cdb31ccc8f75550349dfd096551d7b4839c20b46b637cbf.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
f27121d70a03997c8cdb31ccc8f75550349dfd096551d7b4839c20b46b637cbf.exe
-
Size
608KB
-
MD5
64b940746d57a89fbcbd8ab6079cecc4
-
SHA1
57b753e12672bc4b62d77b2077f1536a0b009b57
-
SHA256
f27121d70a03997c8cdb31ccc8f75550349dfd096551d7b4839c20b46b637cbf
-
SHA512
d61ddb72ffa7080f372ddd6799628bdca4bcdbf1f3e5299646b6e920caf00ac8f7ce83121260ffd82f43ce262b8a6e2a00761c5733ce9fac5afacc026a19c1e6
-
SSDEEP
12288:Ky90lqrPkMy8ptvNUFvtevgSlUoNtDZs3E4Y90:KyfwUvu6ll1tP480
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1