General
Target: 0b4aea3b555b3f1347cc483889eaeeab64399fe4fc3b819d81b647ec050cfd46N.exe
Size: 468KB
Sample: 241112-zawkyszkcs
MD5: 5040e9e79b2a8bf035607d4465e7edd0
SHA1: 305636e563dd2b156ceb833c9d5e6b531d336a5b
SHA256: 0b4aea3b555b3f1347cc483889eaeeab64399fe4fc3b819d81b647ec050cfd46
SHA512: b7cd324ce40b019aa5ef77313b5a41fd240dbd5299e4106b1884bdf880e088868ceaf46e9f3538595be2ac639762722e0c03317d3847c10938afc770998478b8
SSDEEP: 6144:3Op0yN90QE2Ka1nNlD/l23fdQ0rli11wVKY1D9M3hqjxjceq5VhKc5UkqeiVqq:/y908nlB2/A8VKQK3Cceq5NgFVqq

Static task: static1
Behavioral task: behavioral1
Sample: 0b4aea3b555b3f1347cc483889eaeeab64399fe4fc3b819d81b647ec050cfd46N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 0b4aea3b555b3f1347cc483889eaeeab64399fe4fc3b819d81b647ec050cfd46N.exe
Size: 468KB
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)