General

  • Target: 371569c95dcb831b81552778bfa1673b5413bff8ac050e301be22b628c76ade3
  • Size: 363KB
  • Sample: 211019-mejqqsgehj
  • MD5: 46d44c09c8aa1f9a0a938e30289f5c5d
  • SHA1: 19da8bf53b4c81c8dcc0357757811975196ad597
  • SHA256: 371569c95dcb831b81552778bfa1673b5413bff8ac050e301be22b628c76ade3
  • SHA512: 00957484564027358c88f48c5b65631f3f3aac7f1c4df8f3b6ef1de56b5b46dbf26fd0e80220bdd8507cbc47401a8edd23d947fbc5ce82dc35fbf37d6e26632b

Malware Config

Extracted

  • Family: redline
  • Botnet: UDP
  • C2: 45.9.20.182:52236

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials among other data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks