General
Target: d971b6b7b6ef9adea7aae6afe34d833574ab9bf94c854beb8bf83feb75e2ee9dN.exe
Size: 1.2MB
Sample: 241117-tkdj8stdnj
MD5: b7060e26bf8c1098e6eb5a6a6bb7acd0
SHA1: 05bd387ae2ebba3064699d80857b5c8f2ad7d156
SHA256: d971b6b7b6ef9adea7aae6afe34d833574ab9bf94c854beb8bf83feb75e2ee9d
SHA512: a0d340b999cd2fd61f61941d952eb878392fb7018539e632509471ecdcbb5e31e36c0a5266393186fdd7f5569e40145da85ac0cfd1bb52ea2ff540c07dcb6aca
SSDEEP: 24576:tydqSZ2zygDQk6kyp09AEHF/emcVgqOXqC5CqcsD7YsYvDlB7f6EIiK9:IdXZ223kyp+ldcVgPaC56tsYvhB7ia
Static task: static1
Behavioral task: behavioral1
Sample: d971b6b7b6ef9adea7aae6afe34d833574ab9bf94c854beb8bf83feb75e2ee9dN.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: d971b6b7b6ef9adea7aae6afe34d833574ab9bf94c854beb8bf83feb75e2ee9dN.exe
Size: 1.2MB
MD5: b7060e26bf8c1098e6eb5a6a6bb7acd0
SHA1: 05bd387ae2ebba3064699d80857b5c8f2ad7d156
SHA256: d971b6b7b6ef9adea7aae6afe34d833574ab9bf94c854beb8bf83feb75e2ee9d
SHA512: a0d340b999cd2fd61f61941d952eb878392fb7018539e632509471ecdcbb5e31e36c0a5266393186fdd7f5569e40145da85ac0cfd1bb52ea2ff540c07dcb6aca
SSDEEP: 24576:tydqSZ2zygDQk6kyp09AEHF/emcVgqOXqC5CqcsD7YsYvDlB7f6EIiK9:IdXZ223kyp+ldcVgPaC56tsYvhB7ia
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- RedLine family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)