General

  • Target

    44df297e1ace7b53d2bb3edeb9246cbfda8939202232bbc15e991a46defb70a6

  • Size

    303KB

  • Sample

    230310-twvb5agc7t

  • MD5

    957918f2dd43a17ef0fa2ef8af783b0e

  • SHA1

    06db41f7f432ac2e377c3c0dcde55d7afda17c7e

  • SHA256

    44df297e1ace7b53d2bb3edeb9246cbfda8939202232bbc15e991a46defb70a6

  • SHA512

    1fb324a4c9862022e6048a829e8b17198ca48b85e0db56270bc9815f878b9f436e07ee8b186adbe36ba31ac79d6ce272cdb06270b6cc15e7576ef7c62841d952

  • SSDEEP

    6144:mMfpuODn+8w2GkOxD+SbiBhnJiRRxq3NP80IOzvr:1xuOCH2Gdx3yhnJiReP5Igr

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks