General
Target: 45bb4cc009605847c752f7045430c0891c55147fb1d4ffa1388e9e3db19ba3f2.exe
Size: 551KB
Sample: 241113-yt1tcaxpgx
MD5: 304d4740717ef36d319d4ba933ea1909
SHA1: 88ba9b37452a800fcd296c54b7d7f088576e6365
SHA256: 45bb4cc009605847c752f7045430c0891c55147fb1d4ffa1388e9e3db19ba3f2
SHA512: e9b1dddcb1f58717efa5d1654a42e60e64bc6fa88491db0627c2ea36af11bce9d6faf7a9e6e1ca1466e70e7784ea499e4881bce4000fae55b3e96fe9fe7d0d04
SSDEEP: 12288:Qy90tKjIbYdtX0lb7yCzxzTnmnd7axX929ba6rVuZR:QyGzbG0lb7yaT2d2/2Na6rVwR
Static task: static1
Behavioral task: behavioral1
Sample: 45bb4cc009605847c752f7045430c0891c55147fb1d4ffa1388e9e3db19ba3f2.exe
Resource: win10v2004-20241007-en
Malware Config

Targets
Target: 45bb4cc009605847c752f7045430c0891c55147fb1d4ffa1388e9e3db19ba3f2.exe
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)