redline | 336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555 | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
Size

346KB
Sample

230328-k9h2ksaa88
MD5

912366c7c8cea81ddab4fd20f0e2dea2
SHA1

c3a569f3f49fc347c144728cdc99a7a7db19d2ba
SHA256

336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
SHA512

fd0d5a5247318db7967d36af503ddc803e63cd00873b3ce4e9ac47f02be0080dd07a383d9b8e9496dc2b6255315ad9ea46d12ff1bb4ad28fb3671ee9629c207e
SSDEEP

6144:nOyj44LNAOlKDK7DEp/kHd2XttQm3G6rzcFyHXT1i+bnZPD/+:OB4pAOln7DEpM84qGigOXT1bbZbW

Score

10^/10

redline rober discovery infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555.exe

Resource

win10v2004-20230221-en

redline rober discovery infostealer spyware stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

ROBER

C2

138.201.195.134:15564

Attributes

auth_value
de311ede2b43457816afc0d9989c5255

Targets

- Target
  
  336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
- Size
  
  346KB
- MD5
  
  912366c7c8cea81ddab4fd20f0e2dea2
- SHA1
  
  c3a569f3f49fc347c144728cdc99a7a7db19d2ba
- SHA256
  
  336339cb268d2afa1d28a55bff6962d9a30d3cb40efe16fa599f5ce4b6285555
- SHA512
  
  fd0d5a5247318db7967d36af503ddc803e63cd00873b3ce4e9ac47f02be0080dd07a383d9b8e9496dc2b6255315ad9ea46d12ff1bb4ad28fb3671ee9629c207e
- SSDEEP
  
  6144:nOyj44LNAOlKDK7DEp/kHd2XttQm3G6rzcFyHXT1i+bnZPD/+:OB4pAOln7DEpM84qGigOXT1bbZbW
Score

10^/10

redline rober discovery infostealer spyware stealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

redlineroberdiscoveryinfostealerspywarestealer

© 2018-2024

Terms | Privacy