redline | 9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

Copy URL Twitter E-mail

General

Target

9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2
Size

365KB
Sample

230307-xhksbabd25
MD5

69fb73e283630210dcb0e9b400a1ee4c
SHA1

f746b5f15ebf476579d0705720ab4daec3306e41
SHA256

9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2
SHA512

ee9062a2b4a2ece85c000e369dd1bc1815ce159c87235cba0e36e7a26f7548c28d4c6dfe9a10b22addbe7b1f8c2cd9972446925a5e57fa0644d9c617cda1784f
SSDEEP

6144:YY0L64nRBgQZ50kxyZCQj4pPIuVBNX++ZbE8GqcdPQrixxAAY4eZu:YY0O4RBgQwsyZj4pPlxu+ZQ8id4rixxH

Score

10^/10

redline fud discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2.exe

Resource

win10-20230220-en

redline fud discovery infostealer spyware stealer

windows10-1703-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

fud

C2

193.233.20.27:4123

Attributes

auth_value
cddc991efd6918ad5321d80dac884b40

Targets

- Target
  
  9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2
- Size
  
  365KB
- MD5
  
  69fb73e283630210dcb0e9b400a1ee4c
- SHA1
  
  f746b5f15ebf476579d0705720ab4daec3306e41
- SHA256
  
  9cda3093dddacbd05e0e9c8ce7320c73320ff2ea4b66ca3578b5b4fd9dc80fe2
- SHA512
  
  ee9062a2b4a2ece85c000e369dd1bc1815ce159c87235cba0e36e7a26f7548c28d4c6dfe9a10b22addbe7b1f8c2cd9972446925a5e57fa0644d9c617cda1784f
- SSDEEP
  
  6144:YY0L64nRBgQZ50kxyZCQj4pPIuVBNX++ZbE8GqcdPQrixxAAY4eZu:YY0O4RBgQwsyZj4pPlxu+ZQ8id4rixxH
Score

10^/10

redline fud discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinefuddiscoveryinfostealerspywarestealer

© 2018-2025

Terms | Privacy