General
-
Target
323f9e8d96eccac2090c122ee78ec1215d1f657ecef98dde4a54476f9921d96f
-
Size
914KB
-
Sample
241113-zs4z2sygmh
-
MD5
e7cba55693c8ab23f83ece5d944b367d
-
SHA1
bad25ba8f270984864b98411ea411f8dddbd9271
-
SHA256
323f9e8d96eccac2090c122ee78ec1215d1f657ecef98dde4a54476f9921d96f
-
SHA512
1f148478a15754cc99a21c899cccd0197ee0e4696be855e9e1794fede28cea6eac1c77e42c67e8c629f7905efe5bc7843457e29e4e3927a59ccbd871a51f5cb3
-
SSDEEP
12288:2MrWy90tU4ny/VdG1fy6uvqSFBb7oKMqTaQoAJo2m7cWAHyRod3yGDmjynUXzKf4:IymiTG14vqQcfA9vWmyRa3ygIekae
Static task
static1
Behavioral task
behavioral1
Sample
323f9e8d96eccac2090c122ee78ec1215d1f657ecef98dde4a54476f9921d96f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
323f9e8d96eccac2090c122ee78ec1215d1f657ecef98dde4a54476f9921d96f
-
Size
914KB
-
MD5
e7cba55693c8ab23f83ece5d944b367d
-
SHA1
bad25ba8f270984864b98411ea411f8dddbd9271
-
SHA256
323f9e8d96eccac2090c122ee78ec1215d1f657ecef98dde4a54476f9921d96f
-
SHA512
1f148478a15754cc99a21c899cccd0197ee0e4696be855e9e1794fede28cea6eac1c77e42c67e8c629f7905efe5bc7843457e29e4e3927a59ccbd871a51f5cb3
-
SSDEEP
12288:2MrWy90tU4ny/VdG1fy6uvqSFBb7oKMqTaQoAJo2m7cWAHyRod3yGDmjynUXzKf4:IymiTG14vqQcfA9vWmyRa3ygIekae
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1