redline | d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a
Size

309KB
Sample

230312-k1nkpsdd43
MD5

068327bcea586b88de30e40f3a7e759c
SHA1

2b202ba784eb7d6a8289dcda08f5cc69252c3e15
SHA256

d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a
SHA512

0f01c135487c7cd1601a492c7cd787c662962c66b3c55db9c4daa4d12980dc7b7ac17f0275851d7877c74ef02fa046e025f255870eddb74abc7c87b6a34db2a4
SSDEEP

6144:WqhCLJ99+nshqIhAUxvBgIUbpwD7T+Qz4pkKqh:ncLl+nuqIhtyBbpY7TLz4mB

Score

10^/10

redline discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a.exe

Resource

win10v2004-20230220-en

redline discovery infostealer spyware stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a
- Size
  
  309KB
- MD5
  
  068327bcea586b88de30e40f3a7e759c
- SHA1
  
  2b202ba784eb7d6a8289dcda08f5cc69252c3e15
- SHA256
  
  d3f818c210ec05e453c9baf908fe357fa490a93a48891819569d3009c96ff48a
- SHA512
  
  0f01c135487c7cd1601a492c7cd787c662962c66b3c55db9c4daa4d12980dc7b7ac17f0275851d7877c74ef02fa046e025f255870eddb74abc7c87b6a34db2a4
- SSDEEP
  
  6144:WqhCLJ99+nshqIhAUxvBgIUbpwD7T+Qz4pkKqh:ncLl+nuqIhtyBbpY7TLz4mB
Score

10^/10

redline discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinediscoveryinfostealerspywarestealer

© 2018-2025

Terms | Privacy