redline | 5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
Size

340KB
Sample

220210-pymylsghb3
MD5

eb7a9d67cae90963c574432ceb990714
SHA1

9aed27fc3ec3ab4c404c8dfb8d9da276c6a5c71c
SHA256

5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
SHA512

6d074f666542c4efe31e6e8f656a7c941d4cc167ccfcaf2c3c6743c9f1dfa5881e8dee8a1257c7991218b338c51dfa9936911b2066b932f13d870e0097db81e8

Score

10^/10

redline ruzkikakoyto discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf.exe

Resource

win10-en-20211208

redline ruzkikakoyto discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

ruzkiKAKOYTO

C2

185.215.113.29:20819

Targets

- Target
  
  5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
- Size
  
  340KB
- MD5
  
  eb7a9d67cae90963c574432ceb990714
- SHA1
  
  9aed27fc3ec3ab4c404c8dfb8d9da276c6a5c71c
- SHA256
  
  5e889bb6e053a7aaa33929d49c1a0f9b20c2197e817617583ddb6ca80cea7fdf
- SHA512
  
  6d074f666542c4efe31e6e8f656a7c941d4cc167ccfcaf2c3c6743c9f1dfa5881e8dee8a1257c7991218b338c51dfa9936911b2066b932f13d870e0097db81e8
Score

10^/10

redline ruzkikakoyto discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineruzkikakoytodiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy