redline | 1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
Size

354KB
Sample

230323-bcpcnaed8t
MD5

28ad6fa98b0b82ec6472a969a5b93b34
SHA1

8edb9503d58e82fcd48caad42d627f6c3b74eb5d
SHA256

1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
SHA512

53a3ee9d562ddc3987823bd2d73e22728d05023796a1e1d994b1ff492315a215eb17607716a40a19fc6c80eaa8b3dad5e1a98d365eb7180ed09a2d4b6b3cb256
SSDEEP

6144:rSP3sNBXiD7BZGhPItpVSfNizSGVJanHjag0o:uP3sNBejGhPIV+cJP/o

Score

10^/10

redline fronx2 discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365.exe

Resource

win10v2004-20230221-en

redline fronx2 discovery infostealer spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

fronx2

C2

fronxtracking.com:80

Attributes

auth_value
0a4100df2644a6a6582137d2da2c8bd1

Targets

- Target
  
  1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
- Size
  
  354KB
- MD5
  
  28ad6fa98b0b82ec6472a969a5b93b34
- SHA1
  
  8edb9503d58e82fcd48caad42d627f6c3b74eb5d
- SHA256
  
  1617d9ed63d8fdd9c98a4e34a82efdc77d2c9d733e49c97b3306e7ec033cb365
- SHA512
  
  53a3ee9d562ddc3987823bd2d73e22728d05023796a1e1d994b1ff492315a215eb17607716a40a19fc6c80eaa8b3dad5e1a98d365eb7180ed09a2d4b6b3cb256
- SSDEEP
  
  6144:rSP3sNBXiD7BZGhPItpVSfNizSGVJanHjag0o:uP3sNBejGhPIV+cJP/o
Score

10^/10

redline fronx2 discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlinefronx2discoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy