General
Target: dd90b88c523ae9eec6f01b9cb38eabeb6f7880125e60e78e999e729b8e4f96b4
Size: 624KB
Sample: 241117-lyjpeawpdx
MD5: e1ea14c15c69bdd8b3d82e2e228713ac
SHA1: 0428efeef8b4b377064334b80193ec8391b4d59a
SHA256: dd90b88c523ae9eec6f01b9cb38eabeb6f7880125e60e78e999e729b8e4f96b4
SHA512: 722e15c61d2181652880ae03cb2b7af30a1950ce7813b80f302df1ff8d3aa866a5ec67879632c45a72a5eff9dfc8882038b862822894c146f5a4589e1a449239
SSDEEP: 12288:Gy90xiAY4ewLIAKY82YKqT4hiuLGz/p9xQJStJ3cAcW4lx3/bMVy:GyIiLtwg3hTQRO/4St5cNlNbSy
Static task: static1
Behavioral task: behavioral1
Sample: dd90b88c523ae9eec6f01b9cb38eabeb6f7880125e60e78e999e729b8e4f96b4.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1