General

  • Target

    e06cb365c167ba13df347fd023f9c9734fd32364c3e14032aa78ca836ddc9d74

  • Size

    408KB

  • Sample

    220119-p13rvahgg7

  • MD5

    4deb3eed87e526ae701c215da91b65b8

  • SHA1

    e7c1378324c77aabe71ea7242687cd9f30bff3d3

  • SHA256

    e06cb365c167ba13df347fd023f9c9734fd32364c3e14032aa78ca836ddc9d74

  • SHA512

    7445e187d2a6fa7a173d7ad5952f5bcca107938c5ad21bd69f6f927f8de6a9dbfeb31b4e628d6a8c4c2f5e29302f1e0d6e43a2d52727f62496de11870df5cd3d

Malware Config

Extracted

Family

redline

Botnet

noname

C2

185.215.113.29:34865

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks