redline | 4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97
Size

372KB
Sample

220130-1zgnrsbbgr
MD5

d62db1ea30d9bb725d935c83d7fe6df4
SHA1

c318ecebca0a814038566699d6e30d213bf68122
SHA256

4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97
SHA512

23d4d38ecbe0e6f28c6753fdbde9d27ce83d9cc551ca451f60b1ebd2dd9147f9b9f4ced8b376c2e52c5182c9dec75381b77cd49d5ecd3b5ae591f4635b38f6e5

Score

10^/10

redline noname discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97.exe

Resource

win10-en-20211208

redline noname discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

noname

C2

185.215.113.29:20819

Targets

- Target
  
  4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97
- Size
  
  372KB
- MD5
  
  d62db1ea30d9bb725d935c83d7fe6df4
- SHA1
  
  c318ecebca0a814038566699d6e30d213bf68122
- SHA256
  
  4e6dcc12e94ec9b82fd155fe415482c5ece99a1108d835c9d786b62b05466e97
- SHA512
  
  23d4d38ecbe0e6f28c6753fdbde9d27ce83d9cc551ca451f60b1ebd2dd9147f9b9f4ced8b376c2e52c5182c9dec75381b77cd49d5ecd3b5ae591f4635b38f6e5
Score

10^/10

redline noname discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinenonamediscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy