General
Target: 8c15502d0695900af97a105f335a12abf4bb2b1ac0dda5219e0689f0585c3850
Size: 569KB
Sample: 241122-catp2a1rds
MD5: 708ea47536d313e368916e66e1499c7c
SHA1: 6ef18031f7f5d2ffa575e5435a659a0a27ca84cd
SHA256: 8c15502d0695900af97a105f335a12abf4bb2b1ac0dda5219e0689f0585c3850
SHA512: 29a9c6131594cd3a51c7a0ecea16b84ab9177766921bdd089b5f6a3ae30f2484a0c2a2a93b90ff04ab9915b256b43708329e22cb214cdcc0d3aee0566eaa9ad7
SSDEEP: 12288:8y90R4F3Z6H2Mod62y1k8mUOe8HIAY083E:8y3F3Z6dQ6L1kZUOe8HFSU
Static task: static1
Behavioral task: behavioral1
Sample: 8c15502d0695900af97a105f335a12abf4bb2b1ac0dda5219e0689f0585c3850.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 8c15502d0695900af97a105f335a12abf4bb2b1ac0dda5219e0689f0585c3850
Size: 569KB
MD5: 708ea47536d313e368916e66e1499c7c
SHA1: 6ef18031f7f5d2ffa575e5435a659a0a27ca84cd
SHA256: 8c15502d0695900af97a105f335a12abf4bb2b1ac0dda5219e0689f0585c3850
SHA512: 29a9c6131594cd3a51c7a0ecea16b84ab9177766921bdd089b5f6a3ae30f2484a0c2a2a93b90ff04ab9915b256b43708329e22cb214cdcc0d3aee0566eaa9ad7
SSDEEP: 12288:8y90R4F3Z6H2Mod62y1k8mUOe8HIAY083E:8y3F3Z6dQ6L1kZUOe8HFSU
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)