General

Target: bdb79e06e6499277104229d3cae943b48a1d1b4d42cd1a72ae62fd92715ce18d
Size: 543KB
Sample: 241115-b9t96swgrj
MD5: 59008f9829678360740875b92d2ef7ea
SHA1: abda88131c6ead5a512d17ea920b5b658742ac11
SHA256: bdb79e06e6499277104229d3cae943b48a1d1b4d42cd1a72ae62fd92715ce18d
SHA512: a11a5de34f455dbdbaadc768ad3f7dd1547a96be06ba439eee1967fc129f2f98a996ee9f6deaa79a5d067248f0cfbde1e213fde67aaafbaa4bbb4ad38facfba9
SSDEEP: 12288:7y90tIurssN6eCJQRWWfENe/0BHqKI2Qr8IgjD:7ypurssPuQMUyBKKI2G8IgjD

Static task: static1
Behavioral task: behavioral1
Sample: bdb79e06e6499277104229d3cae943b48a1d1b4d42cd1a72ae62fd92715ce18d.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: bdb79e06e6499277104229d3cae943b48a1d1b4d42cd1a72ae62fd92715ce18d (same file and hashes as listed under General)
Size: 543KB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Create or Modify System Process (1)
    Windows Service (1)