Overview

overview

10

Static

static

1

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c3c6cdb15afb05927179c9a943038d5eb95854bd0d615c8a6202bd4e8f63377

  • Size

    290KB

  • Sample

    230305-lq26saff2z

  • MD5

    048d0169a44635be763856510e27ae04

  • SHA1

    dbaf41863cf6d958c5aee7b8fa0602b7311387ec

  • SHA256

    5c3c6cdb15afb05927179c9a943038d5eb95854bd0d615c8a6202bd4e8f63377

  • SHA512

    f2eb79865409cd0d1329ed979c65fc197f62386dd59d70d0ac88c4ff3f7e6453fd83ff45d61a0bbfe28123ef182d2e53a9f6b714d66d0fe14987e6f5fd775eb5

  • SSDEEP

    6144:McXLMMXeDCPL+PCQizOMDwb/X9Fqi1evHTHCbE3OI/cji5kE:MkYMXUCP2Cytb/XC3P4EfkjckE

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      5c3c6cdb15afb05927179c9a943038d5eb95854bd0d615c8a6202bd4e8f63377

    • Size

      290KB

    • MD5

      048d0169a44635be763856510e27ae04

    • SHA1

      dbaf41863cf6d958c5aee7b8fa0602b7311387ec

    • SHA256

      5c3c6cdb15afb05927179c9a943038d5eb95854bd0d615c8a6202bd4e8f63377

    • SHA512

      f2eb79865409cd0d1329ed979c65fc197f62386dd59d70d0ac88c4ff3f7e6453fd83ff45d61a0bbfe28123ef182d2e53a9f6b714d66d0fe14987e6f5fd775eb5

    • SSDEEP

      6144:McXLMMXeDCPL+PCQizOMDwb/X9Fqi1evHTHCbE3OI/cji5kE:MkYMXUCP2Cytb/XC3P4EfkjckE

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks