General
Target: 9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f
Size: 469KB
Sample: 241117-jq2h5strcw
MD5: 747a3f172ecadce0a46a36f430a1dc07
SHA1: 999d010da40fbf83cb94fbf8ecc8b97bd633e738
SHA256: 9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f
SHA512: 2035428bb6ad2de51cdc25c7241154fe138fd18ae2a38515f4466ede2af559b0534cdcebc10fb22e313fa9557d630ec5f9070f367bcfb5e28a78578164ef27d9
SSDEEP: 6144:g7p0yN90QEyK6p9YHpRzdqqt9qHUX4twh/qubUA5uvU/p9xVlIp7fTNRrsVpzytZ:hy90QiJRzdQHEhiuDYc/p9xMropzytZ
Static task: static1
Behavioral task: behavioral1
Sample: 9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f
Size: 469KB
MD5: 747a3f172ecadce0a46a36f430a1dc07
SHA1: 999d010da40fbf83cb94fbf8ecc8b97bd633e738
SHA256: 9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f
SHA512: 2035428bb6ad2de51cdc25c7241154fe138fd18ae2a38515f4466ede2af559b0534cdcebc10fb22e313fa9557d630ec5f9070f367bcfb5e28a78578164ef27d9
SSDEEP: 6144:g7p0yN90QEyK6p9YHpRzdqqt9qHUX4twh/qubUA5uvU/p9xVlIp7fTNRrsVpzytZ:hy90QiJRzdQHEhiuDYc/p9xMropzytZ
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547): 1
  - Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1
  - Windows Service (T1543.003): 1
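The two behavioural signatures above ("Executes dropped EXE" and "Adds Run key to start application", the latter mapped to T1547.001) are the kind of thing a detection engineer would want to reproduce from endpoint telemetry rather than only read off a sandbox report. The following is an added example written for this page, not the sandbox's own detection logic: it walks a short trace of Sysmon-style events (ID 1 ProcessCreate, ID 11 FileCreate, ID 13 RegistryEvent value set) and flags a process start whose SHA256 matches the sample, a process whose image file was written earlier in the same trace, and any value set under a CurrentVersion\Run or RunOnce key. The sample SHA256 and MD5 are copied from the report; every other detail (process IDs, the victim path, the registry SID, and the dropped file name `helper.exe`) is constructed for the example, since the report names no dropped files.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Indicator copied from the report: the sample's SHA256.
SAMPLE_SHA256 = "9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f"

# Matches ...\Software\Microsoft\Windows\CurrentVersion\Run\<value> and RunOnce\<value>,
# under HKLM, HKCU or a raw HKU\<SID> path (case-insensitive, as the registry is).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE
)


@dataclass
class Finding:
    rule: str                  # signature name in the report's own wording
    technique: Optional[str]   # ATT&CK technique ID where the rule maps to one
    process_id: int            # PID of the process that triggered the rule


def parse_hashes(field: str) -> dict:
    """Split a Sysmon 'Hashes' field ('MD5=..,SHA256=..') into {ALGO: lowercase hex}."""
    out = {}
    for part in field.split(","):
        if "=" in part:
            algo, value = part.split("=", 1)
            out[algo.strip().upper()] = value.strip().lower()
    return out


def detect(events: Iterable[dict]) -> List[Finding]:
    """Replay events in order and emit one Finding per matched behaviour."""
    findings: List[Finding] = []
    dropped = set()  # lower-cased paths written by any process so far in the trace
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:  # FileCreate: remember what was written to disk
            dropped.add(ev["TargetFilename"].lower())
        elif eid == 1:  # ProcessCreate
            if parse_hashes(ev.get("Hashes", "")).get("SHA256") == SAMPLE_SHA256:
                findings.append(Finding("Known sample hash", None, ev["ProcessId"]))
            if ev["Image"].lower() in dropped:  # image was dropped earlier in this trace
                findings.append(Finding("Executes dropped EXE", None, ev["ProcessId"]))
        elif eid == 13:  # RegistryEvent (value set)
            if RUN_KEY_RE.search(ev["TargetObject"]):
                findings.append(
                    Finding("Adds Run key to start application", "T1547.001", ev["ProcessId"])
                )
    return findings


# Constructed trace (not captured from the sandbox). Hashes in the first event are the
# report's; PIDs, paths, the SID and 'helper.exe' are hypothetical.
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 4120, "ParentProcessId": 3300,
     "Image": r"C:\Users\victim\Desktop\9df30003f6e617cf62991a6d434664c1afceff16f62af2d4cf9a2d9d4b25ec3f.exe",
     "Hashes": "MD5=747A3F172ECADCE0A46A36F430A1DC07,"
               "SHA256=9DF30003F6E617CF62991A6D434664C1AFCEFF16F62AF2D4CF9A2D9D4B25EC3F"},
    {"EventID": 11, "ProcessId": 4120,
     "TargetFilename": r"C:\Users\victim\AppData\Local\Temp\IXP000.TMP\helper.exe"},
    {"EventID": 1, "ProcessId": 5004, "ParentProcessId": 4120,
     "Image": r"C:\Users\victim\AppData\Local\Temp\IXP000.TMP\helper.exe",
     "Hashes": "SHA256=0000000000000000000000000000000000000000000000000000000000000000"},
    {"EventID": 13, "ProcessId": 5004,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\helper",
     "Details": r"C:\Users\victim\AppData\Local\Temp\IXP000.TMP\helper.exe"},
    # Benign noise that must not fire: an Explorer shell-folder value and a stock binary.
    {"EventID": 13, "ProcessId": 1234,
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Common Startup",
     "Details": r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"},
    {"EventID": 1, "ProcessId": 6100, "ParentProcessId": 3300,
     "Image": r"C:\Windows\System32\notepad.exe", "Hashes": "SHA256=1111"},
]

if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"[{f.technique or '-'}] {f.rule} (pid {f.process_id})")
```

The "dropped EXE" rule deliberately keys on the file path alone rather than on parent/child PIDs, because droppers often start the payload through an intermediary (a scheduled task, a service, or explorer.exe), which is also why the report's Windows Service (T1543.003) mapping is worth correlating with the same trace; on a real host, feed the function the events from the Sysmon operational log in timestamp order and raise the hash rule's priority above the behavioural ones.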