General
- Target: 9ba030c11e810ad2700465f53a7ad60478e9e14a7b4e3e14e861c5c3decebfdc
- Size: 706KB
- Sample: 241115-aypd4swclg
- MD5: 369113b0c7c805a580f01854599f65f0
- SHA1: 32d401cdaf50173721cbbb8cfffa8d2cae67565b
- SHA256: 9ba030c11e810ad2700465f53a7ad60478e9e14a7b4e3e14e861c5c3decebfdc
- SHA512: 6bd9114c260795a5dccad3e1faef3a5d57498e4da67e9d155b7a4c2324e9b87d303350b013ea4f843865b45d7afdb03acbc16fc888397ae7b98257fd7467e06f
- SSDEEP: 12288:fy90BrnZcQau+DSBzYLFhzQG08y2fgr9iUaOU31Tu5TC1rHm:fyYwBaYLFi12XUaXMhaG
Static task: static1
Behavioral task: behavioral1
- Sample: 9ba030c11e810ad2700465f53a7ad60478e9e14a7b4e3e14e861c5c3decebfdc.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: 9ba030c11e810ad2700465f53a7ad60478e9e14a7b4e3e14e861c5c3decebfdc
- Size: 706KB
- MD5: 369113b0c7c805a580f01854599f65f0
- SHA1: 32d401cdaf50173721cbbb8cfffa8d2cae67565b
- SHA256: 9ba030c11e810ad2700465f53a7ad60478e9e14a7b4e3e14e861c5c3decebfdc
- SHA512: 6bd9114c260795a5dccad3e1faef3a5d57498e4da67e9d155b7a4c2324e9b87d303350b013ea4f843865b45d7afdb03acbc16fc888397ae7b98257fd7467e06f
- SSDEEP: 12288:fy90BrnZcQau+DSBzYLFhzQG08y2fgr9iUaOU31Tu5TC1rHm:fyYwBaYLFi12XUaXMhaG
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)