redline | 448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636
Size

411KB
Sample

211105-s4af9acbe3
MD5

87c8f29422b1f6ff45150cc113ca2e08
SHA1

f9b81f908158393afd43a6df48dba20cffeea0e9
SHA256

448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636
SHA512

6fb3abca5618250ebc109c6167276e089e7a5388db87d4a54ba2f1371a4e673155299f6d78c1f8f6969b9efa75acbfbdd86a28eb13fe891875d89189b0b3e70a

Score

10^/10

redline somebody discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636.exe

Resource

win10-en-20211104

redline somebody discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

SomeBody

C2

185.215.113.29:36224

Targets

- Target
  
  448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636
- Size
  
  411KB
- MD5
  
  87c8f29422b1f6ff45150cc113ca2e08
- SHA1
  
  f9b81f908158393afd43a6df48dba20cffeea0e9
- SHA256
  
  448b04d5350b8ec4f0879c5a144e189e9ee44d86ea236172282c308b653b4636
- SHA512
  
  6fb3abca5618250ebc109c6167276e089e7a5388db87d4a54ba2f1371a4e673155299f6d78c1f8f6969b9efa75acbfbdd86a28eb13fe891875d89189b0b3e70a
Score

10^/10

redline somebody discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinesomebodydiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy