redline | 40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

7

Sharing

General

Target

40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
Size

113KB
Sample

211014-hfnnvsgcal
MD5

2ecd8ebf431a9f066a58ec9617359448
SHA1

48b2430f05301b1438d9d98c422b4a580027f95c
SHA256

40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
SHA512

ec356b85095e5916a70d65c88533f41b8e12e57b3798a22f46ac8dc2b99267d264eaf946126be3cde46cbcfbcf5f4358c9d54738dcbd94d829dafe9c44f8f123

Score

10^/10

redline 12102021 discovery spyware stealer

Static task

static1

12102021 redline

Behavioral task

behavioral1

Sample

40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70.exe

Resource

win10-en-20210920

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

12102021

C2

185.191.32.196:46757

Targets

- Target
  
  40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
- Size
  
  113KB
- MD5
  
  2ecd8ebf431a9f066a58ec9617359448
- SHA1
  
  48b2430f05301b1438d9d98c422b4a580027f95c
- SHA256
  
  40441144fe5d0b152a6817ab9e18852871acbffae36d8a3d7833a9eddee18e70
- SHA512
  
  ec356b85095e5916a70d65c88533f41b8e12e57b3798a22f46ac8dc2b99267d264eaf946126be3cde46cbcfbcf5f4358c9d54738dcbd94d829dafe9c44f8f123
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

12102021redline

behavioral1

discoveryspywarestealer

© 2018-2024

Terms | Privacy