redline | 83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c
Size

381KB
Sample

220127-cj6qysecd2
MD5

25f961ffc7ba524f607188876857ef3d
SHA1

65ad945fb72650a323a57664c935f52c8a672c48
SHA256

83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c
SHA512

cce4eeda3e5c8a2afe16170f60e2f19713c8c4a0dfc1023f273e9629523c7543b678330d53c7953b8a20f1427448ae65dc2acd5bf5703bf3ceaa29df1a7815b0

Score

10^/10

redline noname discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c.exe

Resource

win10-en-20211208

redline noname discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

noname

C2

185.215.113.29:20819

Targets

- Target
  
  83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c
- Size
  
  381KB
- MD5
  
  25f961ffc7ba524f607188876857ef3d
- SHA1
  
  65ad945fb72650a323a57664c935f52c8a672c48
- SHA256
  
  83eafb874d5c439d9931145b8201a006f8932fc01b3b02e16a2c13300ec35d4c
- SHA512
  
  cce4eeda3e5c8a2afe16170f60e2f19713c8c4a0dfc1023f273e9629523c7543b678330d53c7953b8a20f1427448ae65dc2acd5bf5703bf3ceaa29df1a7815b0
Score

10^/10

redline noname discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinenonamediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy