redline | 341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d
Size

361KB
Sample

230328-anbehaga36
MD5

20e467e3b1a43d0bb85490f9ceb322e1
SHA1

b2f27c1e5030cfed9f42109850799665775d0dc2
SHA256

341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d
SHA512

783be4dcbdec7138d1b087fe3957e44dc4ec39eed42dcc621814398ae997687cda3aabf15928766665c2276197d3285d071236defdd7ebbfc3fd37cc2c3ac75d
SSDEEP

6144:Mz5yqmzNLutCRIgRlXUZRJp2YpHCQw4SZiIJYWcakV:sOzNytCRIc5c0Ypvw4Scmxi

Score

10^/10

redline @germany discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d.exe

Resource

win10-20230220-en

redline @germany discovery infostealer spyware stealer

windows10-1703-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

@Germany

C2

185.11.61.125:22344

Attributes

auth_value
9d15d78194367a949e54a07d6ce02c62

Targets

- Target
  
  341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d
- Size
  
  361KB
- MD5
  
  20e467e3b1a43d0bb85490f9ceb322e1
- SHA1
  
  b2f27c1e5030cfed9f42109850799665775d0dc2
- SHA256
  
  341d969482b09341b19823051659471bc98499f48135c2146387edf9d10c496d
- SHA512
  
  783be4dcbdec7138d1b087fe3957e44dc4ec39eed42dcc621814398ae997687cda3aabf15928766665c2276197d3285d071236defdd7ebbfc3fd37cc2c3ac75d
- SSDEEP
  
  6144:Mz5yqmzNLutCRIgRlXUZRJp2YpHCQw4SZiIJYWcakV:sOzNytCRIc5c0Ypvw4Scmxi
Score

10^/10

redline @germany discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redline@germanydiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy