General

  • Target: 5d1ee7fa55d2ef31f883d31c5b76cd2691930f8559150fcfef350317fface73c
  • Size: 379KB
  • Sample: 230313-k64h4sbf4t
  • MD5: 1b033245ae10c47ba4a59919df16d50e
  • SHA1: 7154db5cdc9c1abd0df50dd492e620100eda909f
  • SHA256: 5d1ee7fa55d2ef31f883d31c5b76cd2691930f8559150fcfef350317fface73c
  • SHA512: ff7000c1bccca011b3cb327ee5f7a17c249a4eaab7407d11d2d3d7bb3a4a38b81aebb54b181cc8feeec72859651619bd5150dac4fdb25e29c161b68a8af62fb1
  • SSDEEP: 6144:7YL7vtf/OVBecdw6yeA/MVTZ4+sVI1zo26QT:7Y/vJ/OVBeEw6yeA/2Z4pVEL6A

Targets

    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • RedLine payload
    • Reads user/profile data of web browsers: infostealers commonly target stored browser data, which can include saved credentials.
    • Accesses cryptocurrency files/wallets, possible credential harvesting
    • Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software installed on the system.
