General
-
Target
6590974e71a7b54d9a65ee9a4864932afe9ef6ed9f0f0cbc23fef475f955ed84N.exe
-
Size
409KB
-
Sample
241112-x2e16ssmgp
-
MD5
0011da2f33cb92a04809643811462330
-
SHA1
4e6e97a8af39ef1949ce2ac13d5704c8eaa8a979
-
SHA256
6590974e71a7b54d9a65ee9a4864932afe9ef6ed9f0f0cbc23fef475f955ed84
-
SHA512
10c520aa965542e260723dfc831fb916fdc4312c085c7c594c4e959d4f11858098c2fbad10597e0a2e8e29729ff196683bd9ff192480c4e348069879f5c2ec14
-
SSDEEP
6144:Zxp0yN90QEsS1gF96OZvJu8Tiz7xEsamwer5A7DCpS0Ko4bPeav9baMuwZ:6y90mignK8uREfmpl8L0roeagsZ
Static task
static1
Behavioral task
behavioral1
Sample
6590974e71a7b54d9a65ee9a4864932afe9ef6ed9f0f0cbc23fef475f955ed84N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)