Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7ed2dcdfe339e1bf55b2594102bd975a1f464afd183f1c88f1f90fff1e9622c3

  • Size

    656KB

  • Sample

    211109-saa6pafdh3

  • MD5

    f9045efb8c486669a65c424280049d6f

  • SHA1

    6caaea2c84af8381fc885058ffe815dc630fe87c

  • SHA256

    7ed2dcdfe339e1bf55b2594102bd975a1f464afd183f1c88f1f90fff1e9622c3

  • SHA512

    f2a7290e2dcab699c710a84566ca4f7191a1345f32c562ec03898f796b4f295cb0f2efd638bce5f5f88d371de53e77885cd0e9017d3a0d00bb28af172e690faa

Score
10/10
redline09.11infostealer

Malware Config

Extracted

Family

redline

Botnet

09.11

C2

185.215.113.17:7700

Targets

    • Target

      7ed2dcdfe339e1bf55b2594102bd975a1f464afd183f1c88f1f90fff1e9622c3

    • Size

      656KB

    • MD5

      f9045efb8c486669a65c424280049d6f

    • SHA1

      6caaea2c84af8381fc885058ffe815dc630fe87c

    • SHA256

      7ed2dcdfe339e1bf55b2594102bd975a1f464afd183f1c88f1f90fff1e9622c3

    • SHA512

      f2a7290e2dcab699c710a84566ca4f7191a1345f32c562ec03898f796b4f295cb0f2efd638bce5f5f88d371de53e77885cd0e9017d3a0d00bb28af172e690faa

    Score
    10/10
    redline09.11infostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks