General
-
Target
3b6ced0fd1be61b13724c7a5df5246f93477c9bfd69893d12f63cdde5cc35d2e.exe
-
Size
415KB
-
Sample
241113-rfvlvaspcs
-
MD5
4444646224a2df061bd97d68a61a1561
-
SHA1
f5c916f89d449b2d8ef1c903e15d9c394987cb9f
-
SHA256
3b6ced0fd1be61b13724c7a5df5246f93477c9bfd69893d12f63cdde5cc35d2e
-
SHA512
208577a5f587bb958c2b7ab49a811860120884d3ae9cd52f9209af131f44464cf2b7b68b2900035e98e2cae1fee16759ea28d974193e1ab3dcdce0e04f641b7d
-
SSDEEP
6144:lep0yN90QEW+10YgISOSpUaFfiQqdrnmkY8c0pG711ZQEDMnKcF/L1Md:Vy90x1n+pUaFQdrnJY8c08TZQQ0/L1Md
Static task
static1
Behavioral task
behavioral1
Sample
3b6ced0fd1be61b13724c7a5df5246f93477c9bfd69893d12f63cdde5cc35d2e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
3b6ced0fd1be61b13724c7a5df5246f93477c9bfd69893d12f63cdde5cc35d2e.exe
-
Detects Healer, an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)