General

Target: 0a46fccbbd65dd5e0be4a68a72ba35ab76635ff0b8929a61465d5dec9c609b8bN.exe
Size: 412KB
Sample: 241113-pdr2ts1mav
MD5: fd0b9715551be210b7dec38d37e95560
SHA1: 033a2e7c207494f51ae16f210169f7793546164e
SHA256: 0a46fccbbd65dd5e0be4a68a72ba35ab76635ff0b8929a61465d5dec9c609b8b
SHA512: 63f0bea072a5f510f027e807ecdccb2fd6f8245a7a51d728cd36a2c39813d5bf991058e159901806013327c683ed4440e98dc1647dfb42c88d8fc509a72e6cba
SSDEEP: 12288:Iy90CIpv1/YoItPfrF9miDZvsyIiytLDmQ:IyNUqDfB9midvjEl
Static task: static1
Behavioral task: behavioral1
Sample: 0a46fccbbd65dd5e0be4a68a72ba35ab76635ff0b8929a61465d5dec9c609b8bN.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 0a46fccbbd65dd5e0be4a68a72ba35ab76635ff0b8929a61465d5dec9c609b8bN.exe
Size: 412KB
MD5: fd0b9715551be210b7dec38d37e95560
SHA1: 033a2e7c207494f51ae16f210169f7793546164e
SHA256: 0a46fccbbd65dd5e0be4a68a72ba35ab76635ff0b8929a61465d5dec9c609b8b
SHA512: 63f0bea072a5f510f027e807ecdccb2fd6f8245a7a51d728cd36a2c39813d5bf991058e159901806013327c683ed4440e98dc1647dfb42c88d8fc509a72e6cba
SSDEEP: 12288:Iy90CIpv1/YoItPfrF9miDZvsyIiytLDmQ:IyNUqDfB9midvjEl
Signatures

- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1): Windows Service (1)