General

  • Target

    4a4ad05136a448b3a4c85192487478f65ce3b59485bfeff01ebf1a6ded04f077

  • Size

    424KB

  • Sample

    220116-g3tyqafcc8

  • MD5

    cdc16d54d1797f9450f4217c155db3ab

  • SHA1

    6f56727362e1102ce839f38c0c828bead9b1521e

  • SHA256

    4a4ad05136a448b3a4c85192487478f65ce3b59485bfeff01ebf1a6ded04f077

  • SHA512

    fbc4a9a06501974fb5ceb2528520008f4aeed71bfaccf7ac37f33f4d3c854aabd19ffc62c24338b59c91938c9e93f5e1c3ef84562a6f55c8e055b20e1ac2341f

Malware Config

Extracted

  • Family

    redline

  • Botnet

    noname

  • C2

    185.215.113.29:34865

Targets

    • Target

      4a4ad05136a448b3a4c85192487478f65ce3b59485bfeff01ebf1a6ded04f077

    • Size

      424KB

    • MD5

      cdc16d54d1797f9450f4217c155db3ab

    • SHA1

      6f56727362e1102ce839f38c0c828bead9b1521e

    • SHA256

      4a4ad05136a448b3a4c85192487478f65ce3b59485bfeff01ebf1a6ded04f077

    • SHA512

      fbc4a9a06501974fb5ceb2528520008f4aeed71bfaccf7ac37f33f4d3c854aabd19ffc62c24338b59c91938c9e93f5e1c3ef84562a6f55c8e055b20e1ac2341f

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks