redline | 405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
Size

458KB
Sample

220129-a78t4shegp
MD5

3eb94d8929582cac33f98d44e0a350b7
SHA1

5602f9c1797d1472b5ef0c4d927edff41d5c0571
SHA256

405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
SHA512

fe44bf1311e262f2838ba852f9d07acb8d36f7d3251f6c1b02a86fbcdf0e98d1ab3050e692707348c9101b5ec236fb775747d646b1805fb48aa5d60e28821b64

Score

10^/10

redline ruzkikakoyto discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022.exe

Resource

win10-en-20211208

redline ruzkikakoyto discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

ruzkiKAKOYTO

C2

185.215.113.29:20819

Targets

- Target
  
  405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
- Size
  
  458KB
- MD5
  
  3eb94d8929582cac33f98d44e0a350b7
- SHA1
  
  5602f9c1797d1472b5ef0c4d927edff41d5c0571
- SHA256
  
  405749d62114210369afbdadf8393ab8dae2a7dd5157d26c5b3ff736a21df022
- SHA512
  
  fe44bf1311e262f2838ba852f9d07acb8d36f7d3251f6c1b02a86fbcdf0e98d1ab3050e692707348c9101b5ec236fb775747d646b1805fb48aa5d60e28821b64
Score

10^/10

redline ruzkikakoyto discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineruzkikakoytodiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy