General

Target: 89d94b70a02777a3daab38fd51cd7b0ca8794dc9f0dee0a39c7526c9cdcecfbe
Size: 541KB
Sample: 241114-31788avhrd
MD5: 7e866cfc6c87b9b8fa880113d4830c36
SHA1: 9045b60cc882344026fc0bd3685125445acba8ed
SHA256: 89d94b70a02777a3daab38fd51cd7b0ca8794dc9f0dee0a39c7526c9cdcecfbe
SHA512: fb746d2451f43a0fcacaa6ec822c83d956d5cebfda6e606b8be83460203fd1d7c554cd419f48093e493a319384a26d8b71d5e2db8fb6b2d8a0ec2d100ed6d6f0
SSDEEP: 6144:Yap0yN90QEoCnjH7wsjEWpYvmJ/ByhTSgt1f4JCe6x0tWeEcxuBmPQko81FeZYrZ:My90iuwoTpYGAFQ8e6uYeEcYIqUCQqC
Static task: static1

Behavioral task: behavioral1
Sample: 89d94b70a02777a3daab38fd51cd7b0ca8794dc9f0dee0a39c7526c9cdcecfbe.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 89d94b70a02777a3daab38fd51cd7b0ca8794dc9f0dee0a39c7526c9cdcecfbe
Size: 541KB
MD5: 7e866cfc6c87b9b8fa880113d4830c36
SHA1: 9045b60cc882344026fc0bd3685125445acba8ed
SHA256: 89d94b70a02777a3daab38fd51cd7b0ca8794dc9f0dee0a39c7526c9cdcecfbe
SHA512: fb746d2451f43a0fcacaa6ec822c83d956d5cebfda6e606b8be83460203fd1d7c554cd419f48093e493a319384a26d8b71d5e2db8fb6b2d8a0ec2d100ed6d6f0
SSDEEP: 6144:Yap0yN90QEoCnjH7wsjEWpYvmJ/ByhTSgt1f4JCe6x0tWeEcxuBmPQko81FeZYrZ:My90iuwoTpYGAFQ8e6uYeEcYIqUCQqC
Signatures

Detects Healer, an antivirus disabler dropper
Healer family
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1): Windows Service (1)