Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    99156b57ec14ed2b53f23bcf128e606adee2ef26bbe714e54d764ddc2604d796

  • Size

    380KB

  • Sample

    220127-deqdvaegg2

  • MD5

    ff971cdbf8c8600a4af8b65db92efbb9

  • SHA1

    4e43c6a2930a0413a63bd6dfebf8286b3d8ba098

  • SHA256

    99156b57ec14ed2b53f23bcf128e606adee2ef26bbe714e54d764ddc2604d796

  • SHA512

    6f82c53b61dfaf9c95c08fb8bbcf9e880b3129bf9925c7d6ea0b7cfc3fd3b3833b5454862f9e836686893bcc2705813cc49f580f437e660c9caf06807dcbadca

Score
10/10
redlinenonamediscoveryinfostealerspywarestealer

Malware Config

Extracted

Family

redline

Botnet

noname

C2

185.215.113.29:20819

Targets

    • Target

      99156b57ec14ed2b53f23bcf128e606adee2ef26bbe714e54d764ddc2604d796

    • Size

      380KB

    • MD5

      ff971cdbf8c8600a4af8b65db92efbb9

    • SHA1

      4e43c6a2930a0413a63bd6dfebf8286b3d8ba098

    • SHA256

      99156b57ec14ed2b53f23bcf128e606adee2ef26bbe714e54d764ddc2604d796

    • SHA512

      6f82c53b61dfaf9c95c08fb8bbcf9e880b3129bf9925c7d6ea0b7cfc3fd3b3833b5454862f9e836686893bcc2705813cc49f580f437e660c9caf06807dcbadca

    Score
    10/10
    redlinenonamediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks