redline | bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf
Size

394KB
Sample

220601-q8m7sshag2
MD5

aa9af5418ac34bfd7359e19328a81049
SHA1

792bd49b7531c5763ba91cc35b023492658a39c0
SHA256

bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf
SHA512

031518ecd7d480852216f9f6c40137f6377a2eaba4a1b716d7df41caf399ee30e7d9c23cd140636ce771041f9686afa436003b0d01b6424a9d10fe39d9dbef7f

Score

10^/10

redline ruzkiunikalno discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf.exe

Resource

win10-20220414-en

redline ruzkiunikalno discovery infostealer spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

redline

Botnet

RuzkiUNIKALNO

C2

193.233.48.58:38989

Attributes

auth_value
c504b04cfbdd4bf85ce6195bcb37fba6

Targets

- Target
  
  bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf
- Size
  
  394KB
- MD5
  
  aa9af5418ac34bfd7359e19328a81049
- SHA1
  
  792bd49b7531c5763ba91cc35b023492658a39c0
- SHA256
  
  bf6f2c20c98eed6206fd2346a96a9b7da30ff792568147c1cf00d77d41cf05cf
- SHA512
  
  031518ecd7d480852216f9f6c40137f6377a2eaba4a1b716d7df41caf399ee30e7d9c23cd140636ce771041f9686afa436003b0d01b6424a9d10fe39d9dbef7f
Score

10^/10

redline ruzkiunikalno discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine Payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineruzkiunikalnodiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy