Overview

overview

10

Static

static

3

650b71691e...4d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    650b71691e96d60725ff212fcc6006b7d2ecabb5d54a3e9f228ed1dbfb37a84d

  • Size

    549KB

  • Sample

    241122-3bvltsxqhq

  • MD5

    f003e9a3df6721a62f62ebb540676fc3

  • SHA1

    0fd34245cc8f8e21cf9ff1a4ad18235f4954214d

  • SHA256

    650b71691e96d60725ff212fcc6006b7d2ecabb5d54a3e9f228ed1dbfb37a84d

  • SHA512

    0a0c19a47ead11a72431ac8c888b1d9d754ac1ed51dfaf60622e1195c5ecd7a22c853366cc922e789f7e4eddd844ca85bce35051c750b7014fba87484dcb7bd5

  • SSDEEP

    12288:jy907OSFow/vSLnBl6I9LGuDMuzbwori:jy8OSv/ol6I1GQti

Score
10/10
healerredlinediscoverydropperevasioninfostealerpersistencetrojan

Malware Config

Targets

    • Target

      650b71691e96d60725ff212fcc6006b7d2ecabb5d54a3e9f228ed1dbfb37a84d

    • Size

      549KB

    • MD5

      f003e9a3df6721a62f62ebb540676fc3

    • SHA1

      0fd34245cc8f8e21cf9ff1a4ad18235f4954214d

    • SHA256

      650b71691e96d60725ff212fcc6006b7d2ecabb5d54a3e9f228ed1dbfb37a84d

    • SHA512

      0a0c19a47ead11a72431ac8c888b1d9d754ac1ed51dfaf60622e1195c5ecd7a22c853366cc922e789f7e4eddd844ca85bce35051c750b7014fba87484dcb7bd5

    • SSDEEP

      12288:jy907OSFow/vSLnBl6I9LGuDMuzbwori:jy8OSv/ol6I1GQti

    Score
    10/10
    healerredlinediscoverydropperevasioninfostealerpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Healer family

      healer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Redline family

      redline

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks