redline | 2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1
Size

363KB
Sample

211103-r7m13sead7
MD5

61b61c14cdcaea58c5ea4d9a74a085be
SHA1

aef7e0e15ad0a6911f6719521ea5019ad38e4722
SHA256

2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1
SHA512

49b5c13139e73376692b1dfe7fe1248ebacee7c81afc054f08f09d1669de41d0fd4ff829c83c471c0d32c199b6c9845e680b06cbc47c35996f67d1070ef47c4c

Score

10^/10

redline somebody discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1.exe

Resource

win10-en-20211014

redline somebody discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

SomeBody

C2

185.215.113.29:36224

Targets

- Target
  
  2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1
- Size
  
  363KB
- MD5
  
  61b61c14cdcaea58c5ea4d9a74a085be
- SHA1
  
  aef7e0e15ad0a6911f6719521ea5019ad38e4722
- SHA256
  
  2a5c2ecb521b4734e85e22f69f23d44f68aa1434c89b53fb02c6362b4fb9d0e1
- SHA512
  
  49b5c13139e73376692b1dfe7fe1248ebacee7c81afc054f08f09d1669de41d0fd4ff829c83c471c0d32c199b6c9845e680b06cbc47c35996f67d1070ef47c4c
Score

10^/10

redline somebody discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinesomebodydiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy