General
-
Target
6a00ab7744746cb5a12a16c1adb9dc2dba0198909b2a26737351ceac127dee55.exe
-
Size
552KB
-
Sample
241119-fb3wwa1dqn
-
MD5
52242df140cfb00245f252037251fed0
-
SHA1
21b679eeb90304ca79351293301a1aa97151646b
-
SHA256
6a00ab7744746cb5a12a16c1adb9dc2dba0198909b2a26737351ceac127dee55
-
SHA512
e302591d0ab5760ad417bfcb122afff4b74db88baa0efcc603dbcf11c70fe0fcdeadd2e7d3281901febecdd7ae0eea0102953ff99e3f68ea52ee514103e7fbab
-
SSDEEP
12288:Ay90mQgqQNIsXVRPS9mGM0GQqdrnJY8c094ZQ/wC7:AylQghbVRPnG1WrnTcWVJ7
Static task
static1
Behavioral task
behavioral1
Sample
6a00ab7744746cb5a12a16c1adb9dc2dba0198909b2a26737351ceac127dee55.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1