redline | 91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b
Size

102KB
Sample

220301-ylj6machfp
MD5

59a756e9c3603bcdc4fcd1ae9243614c
SHA1

f070a9813736e8bc59379386c51220da879df61d
SHA256

91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b
SHA512

9ace10a2d348c40c08de70fc1503c7ac6e8cbd61e0c3d439e53061a50f1a0c8ffedaf88afd53c7a2971d40d65a1d7b1180512cdc00e95c1ec5d22ca8f327fa53

Score

10^/10

redline bild discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b.exe

Resource

win10v2004-en-20220112

redline bild discovery infostealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

bild

C2

95.216.21.217:19597

Attributes

auth_value
6a86304a315cc6a978ccb33feb915de5

Targets

- Target
  
  91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b
- Size
  
  102KB
- MD5
  
  59a756e9c3603bcdc4fcd1ae9243614c
- SHA1
  
  f070a9813736e8bc59379386c51220da879df61d
- SHA256
  
  91c4156cab78e988084bff057a47488c1d362d71bef502346fe95cdc42b5936b
- SHA512
  
  9ace10a2d348c40c08de70fc1503c7ac6e8cbd61e0c3d439e53061a50f1a0c8ffedaf88afd53c7a2971d40d65a1d7b1180512cdc00e95c1ec5d22ca8f327fa53
Score

10^/10

redline bild discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinebilddiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy