redline | 6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5
Size

1.8MB
Sample

220523-hfsmtafchk
MD5

d836a3e33d4b12926305b2c06ffc64d2
SHA1

38960dd289e058379ed31ccc66ae9ad62eebe409
SHA256

6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5
SHA512

af4fc4608624e7f616bed02a08a05cc4bbb7d16094eac3b125601460bd0662f5bf7a0431e94cc41b0deebd84a22e8a64b85d39e7fc7cdf1aaafbc1e4d4d8f23c

Score

10^/10

redline xmrig infostealer miner upx

Static task

static1

Behavioral task

behavioral1

Sample

6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5.exe

Resource

win10v2004-20220414-en

redline xmrig infostealer miner upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5
- Size
  
  1.8MB
- MD5
  
  d836a3e33d4b12926305b2c06ffc64d2
- SHA1
  
  38960dd289e058379ed31ccc66ae9ad62eebe409
- SHA256
  
  6903e33821d3a689d41e5e45cfd1e9bbb08109b741fe199b030e7e2875d7fbe5
- SHA512
  
  af4fc4608624e7f616bed02a08a05cc4bbb7d16094eac3b125601460bd0662f5bf7a0431e94cc41b0deebd84a22e8a64b85d39e7fc7cdf1aaafbc1e4d4d8f23c
Score

10^/10

redline xmrig infostealer miner upx
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner Payload
  miner
- Downloads MZ/PE file
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

redlinexmriginfostealerminerupx

© 2018-2024

Terms | Privacy