Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983

  • Size

    377KB

  • Sample

    220123-d66j5seee3

  • MD5

    0ca2853a09f766aa6478bef6e10c5b4c

  • SHA1

    89ec353aa657c92f706a855cd30fdcafdbdff271

  • SHA256

    00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983

  • SHA512

    8c01a21ad743512b03be3ef53608ca476c7d73e44b56be69ed4475b41e8a261ca0b30551a8734a1efb80d6ce76f4971ebded5e799b59dec6788e2f4108c44bce

Score
10/10
redlinenonamediscoveryinfostealerspywarestealer

Malware Config

Extracted

Family

redline

Botnet

NONAME

C2

45.9.20.111:1355

Targets

    • Target

      00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983

    • Size

      377KB

    • MD5

      0ca2853a09f766aa6478bef6e10c5b4c

    • SHA1

      89ec353aa657c92f706a855cd30fdcafdbdff271

    • SHA256

      00a9275dd93ce464406eaac81a05d9bbed2b105a1d5ca60949a70a01b73a7983

    • SHA512

      8c01a21ad743512b03be3ef53608ca476c7d73e44b56be69ed4475b41e8a261ca0b30551a8734a1efb80d6ce76f4971ebded5e799b59dec6788e2f4108c44bce

    Score
    10/10
    redlinenonamediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks