redline | 5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

7

Sharing

General

Target

5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
Size

103KB
Sample

211021-1lzmesaha3
MD5

4788b9f2b49471fa3f20ce9ac9fd8524
SHA1

37daa0fae772bf7634f1e71339a31252b86fd9a8
SHA256

5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
SHA512

6ed4f4fc69872e2c92aa64913de9dd523fed4a8afb036462ddf20e2f210f6d0cb88c887a4b148bb0b3262bc49bf4ea8b54536b73e7b093aaeec7571595609ed8

Score

10^/10

redline slovarikinstalls discovery spyware stealer

Static task

static1

slovarikinstalls redline

Behavioral task

behavioral1

Sample

5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f.exe

Resource

win10-en-20210920

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

slovarikinstalls

C2

185.215.113.94:35535

Targets

- Target
  
  5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
- Size
  
  103KB
- MD5
  
  4788b9f2b49471fa3f20ce9ac9fd8524
- SHA1
  
  37daa0fae772bf7634f1e71339a31252b86fd9a8
- SHA256
  
  5733022e0a84fede4220137c51b947633ba407457ccaf3022bcec3876b2c7d0f
- SHA512
  
  6ed4f4fc69872e2c92aa64913de9dd523fed4a8afb036462ddf20e2f210f6d0cb88c887a4b148bb0b3262bc49bf4ea8b54536b73e7b093aaeec7571595609ed8
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

slovarikinstallsredline

behavioral1

discoveryspywarestealer

© 2018-2024

Terms | Privacy