redline | 0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168
Size

319KB
Sample

220531-g4gpsacehq
MD5

67819abcf2818052e581155335138922
SHA1

cc111fa23010a3fd049a8e8e9e0dedb96df3f1d7
SHA256

0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168
SHA512

af99f707cc6ede066c846628298c2f449de3557dadf8e3167185678c24568366126757c182b437bfaad366f70ec7db777e41ea329171498f66903eca45890c44

Score

10^/10

redline ruzkiunikalno discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168.exe

Resource

win10-20220414-en

redline ruzkiunikalno discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

auth_value
c504b04cfbdd4bf85ce6195bcb37fba6

Targets

- Target
  
  0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168
- Size
  
  319KB
- MD5
  
  67819abcf2818052e581155335138922
- SHA1
  
  cc111fa23010a3fd049a8e8e9e0dedb96df3f1d7
- SHA256
  
  0683d97ef2bdf0cc83c6a5d85df862d5aad0e8a3036a0d4783d77ebe9c94e168
- SHA512
  
  af99f707cc6ede066c846628298c2f449de3557dadf8e3167185678c24568366126757c182b437bfaad366f70ec7db777e41ea329171498f66903eca45890c44
Score

10^/10

redline ruzkiunikalno discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineruzkiunikalnodiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy