redline | 35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca
Size

442KB
Sample

211023-gqem9sdahq
MD5

318aee78bb102ccdfd53ab9174cf8da7
SHA1

743a858f375946b8929d2be5bfe6ea8316c1f9fd
SHA256

35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca
SHA512

6be1e9bf17ac305951abb8896d4464c255fe47c381f92ab615b34bef0e01e5c920d0f9c401285e4f0c61640be840b947d230d2706b5eed20c0a3e4455bb35fd1

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca.exe

Resource

win10-en-20211014

redline discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca
- Size
  
  442KB
- MD5
  
  318aee78bb102ccdfd53ab9174cf8da7
- SHA1
  
  743a858f375946b8929d2be5bfe6ea8316c1f9fd
- SHA256
  
  35968aadf68d8058219fea9aa038ae2b0df8466aeaa1ed970b2488300444caca
- SHA512
  
  6be1e9bf17ac305951abb8896d4464c255fe47c381f92ab615b34bef0e01e5c920d0f9c401285e4f0c61640be840b947d230d2706b5eed20c0a3e4455bb35fd1
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy