General
- Target: 08afa773697e5963b0b95b64b672cc433190b55b99854e3aa67e4d51bc58e32c
- Size: 415KB
- Sample: 241112-x4p9xssnbr
- MD5: 48d384fac93f513e8c53746e8a39773c
- SHA1: d85267a93a1544474180e68aae9df7ad851c0bbc
- SHA256: 08afa773697e5963b0b95b64b672cc433190b55b99854e3aa67e4d51bc58e32c
- SHA512: 30007f3639faa47b381e9f3972de4aa65136e1854dc1191cff3341ad183be88b1fd0ea35ac13f5073bd4413ca5dcbecfcdf0f64122a1edbbcdb8f2a778b8f798
- SSDEEP: 12288:sy906z8X3SjXrTwPdrnJY8c0nkZQQu/NrwbG3:syLzSu70FrnTc0xwm
Static task
- static1
Behavioral task
- behavioral1
- Sample: 08afa773697e5963b0b95b64b672cc433190b55b99854e3aa67e4d51bc58e32c.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1)
    - Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1)
    - Windows Service (1)