General

Target: 287c9660c07ac4675a47677458b15f818558daffa39761f0672a7da1ed5c1a65.exe
Size: 568KB
Sample: 241125-hkmx5aznbl
MD5: 9c7a6959f8895c9b1a23bb1b81a6f4a7
SHA1: 562f4c2035ba88fb4e0838f11a71ad459c744725
SHA256: 287c9660c07ac4675a47677458b15f818558daffa39761f0672a7da1ed5c1a65
SHA512: 12abe3a40eac564ecf78da56e1fc92e05bbe51da530f6e27aebb53520d9dabffdc500ec22eb1ae260d1f967a82e7128c7aee2cd0132340e57c11c9c37ec0f21b
SSDEEP: 12288:/y9098+PIfhtGltMHDbTPBT5t5eYIeioiek4LNARp0x:/yeUGltCXFVt5eYIFQnWRp0x
Static task: static1
Behavioral task: behavioral1
Sample: 287c9660c07ac4675a47677458b15f818558daffa39761f0672a7da1ed5c1a65.exe
Resource: win10v2004-20241007-en
Malware Config

Targets

Target: 287c9660c07ac4675a47677458b15f818558daffa39761f0672a7da1ed5c1a65.exe
Signatures:
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)