redline | 8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
Size

356KB
Sample

211110-lzcmgsgfh6
MD5

94ca7dbe0e44b81f651942c0e5374ab4
SHA1

541d51c251339d3f72235fcfd8317f28fb30977f
SHA256

8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
SHA512

70924bcf984ce88731ac7ae00df02ffbf9a3c2af24a9954a004e69b5140044308fe714dcdcc0a6187a94142cb2d6e86c712b59ba533ecc1335a26603545b1e61

Score

10^/10

redline 1132044836 discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63.exe

Resource

win10-en-20211014

redline 1132044836 discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

1132044836

C2

185.183.32.184:80

Targets

- Target
  
  8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
- Size
  
  356KB
- MD5
  
  94ca7dbe0e44b81f651942c0e5374ab4
- SHA1
  
  541d51c251339d3f72235fcfd8317f28fb30977f
- SHA256
  
  8a8d26421b895d3ca64cf7b2555fd00d4f43723a218210e18b3c047478665c63
- SHA512
  
  70924bcf984ce88731ac7ae00df02ffbf9a3c2af24a9954a004e69b5140044308fe714dcdcc0a6187a94142cb2d6e86c712b59ba533ecc1335a26603545b1e61
Score

10^/10

redline 1132044836 discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redline1132044836discoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy