General
Target: 2a57e9f62ece12954e9fccc3f501ae1dbda331e87edb86c263176f95fb3d78aeN
Size: 406KB
Sample: 241112-xtjdmayhjr
MD5: 22e85c60dd7a206cbe844364f79769c0
SHA1: eae116c335702967eafcf331ccea7663156a859e
SHA256: 2a57e9f62ece12954e9fccc3f501ae1dbda331e87edb86c263176f95fb3d78ae
SHA512: 093911a6fb1c1dbe9838c50b5a446be99679843cbfb25ad32938034b3532cfeead1af9c52ae1dc0fc8de6883187b7c307fcdd4b53914275b6ade134d9b96cfc6
SSDEEP: 6144:0Ep0yN90QE3ZPnKYzzz+V5WF6tICW3d5u2VGyGcURe2Bi2c9Sv54zbYce:ey90dZ1zzIWIq3d3y09SvHce
Static task: static1
Behavioral task: behavioral1
Sample: 2a57e9f62ece12954e9fccc3f501ae1dbda331e87edb86c263176f95fb3d78aeN.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 2a57e9f62ece12954e9fccc3f501ae1dbda331e87edb86c263176f95fb3d78aeN (406KB)
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)