General
Target: de2d1074849d4f8d1f79afaa0d1407aa28f08c3962eef0fe5aa39481eea09aaf.exe
Size: 763KB
Sample: 241117-tf782stdjj
MD5: 0252476cf6b34142beffbc1a8bf3ed20
SHA1: 50fb3b08ad1c5634c276b70066f31740fb8a6478
SHA256: de2d1074849d4f8d1f79afaa0d1407aa28f08c3962eef0fe5aa39481eea09aaf
SHA512: 54288056960e6e24689a7f853a472a36695597540e97bf61e522a16157face34c0905efca7dc16f5570672d7767713cc324d7432cbab9893cd2d9f1897375518
SSDEEP: 12288:hy90+aQH+HYs/CgGocbJom8i2hNv05tgnAVrE9Skfm3wq87SnbpAT5Bck6:hyxaQqubJgNrs5rE9XfccYb86
Static task: static1
Behavioral task: behavioral1
Sample: de2d1074849d4f8d1f79afaa0d1407aa28f08c3962eef0fe5aa39481eea09aaf.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: de2d1074849d4f8d1f79afaa0d1407aa28f08c3962eef0fe5aa39481eea09aaf.exe
Size: 763KB
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)