Extracted

• • Target

    467759d01e5da5f0afbce2f7a57fe9529f3b989c206ed42374d4185fbf79f797N.exe

  • Size

    411KB

  • MD5

    82f5a8ab9a294246b8a13cf7aef595e0

  • SHA1

    f98a88b79cd1e2185345bf0ea860c650b96161ca

  • SHA256

    467759d01e5da5f0afbce2f7a57fe9529f3b989c206ed42374d4185fbf79f797

  • SHA512

    4f4b9031e796418198d7b7b4ad71d9a441381619423f2bb6b41f64840e0059276b55b4886513845672563d10716c72e264fbc1eeb971bbd4afdd217ebf6e8aa0

  • SSDEEP

    6144:KEy+bnr+8p0yN90QE7WLEhjjOVoZ29EXQ3LJN2ejNVfKP6tDuEFN9qyx6erZbVf:wMrgy90VHrPXcLNdKypzNPxtr3

  Score

  10^/10

  healerredlineborisdiscoverydropperevasioninfostealerpersistencetrojan

  • Detects Healer an antivirus disabler dropper

  • Healer

    Healer an antivirus disabler dropper.

    dropperhealer

  • Healer family

    healer

  • Modifies Windows Defender Real-time Protection settings

    evasiontrojan

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

  • RedLine payload

  • Redline family

    redline

  • Executes dropped EXE

  • Windows security modification

    evasiontrojan

  • Adds Run key to start application

    persistence
  behavioral1