General

  • Target

    2d1065f707528e8b200671539b9f69078871952484370678afc64f567b968100

  • Size

    416KB

  • Sample

    230519-gssmxaec2s

  • MD5

    961d3a95e96ea5cd1309112ae940f338

  • SHA1

    b82f4fa619372f245c8a961c251b240350b10d4f

  • SHA256

    2d1065f707528e8b200671539b9f69078871952484370678afc64f567b968100

  • SHA512

    bcd9f5965daf1e78225e5b63c5f8e77cfca3722462433f8ec6133780b2f8b1a1eede14b6c58850a074fd2b12217a3e2722aaf9eb3f1403d7ce950d4734485065

  • SSDEEP

    6144:fgXT8vtFkWsU0Jbr8fUJpLRD6NxAXS4qyHLLpqTUtD:m8FRsUwWUJb6oZhHH0UtD

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and autofill/form data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to enumerate software installed on the system.
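
Added example (not part of this sandbox report, and not the sample's own code): a small Python triage rule that turns the three signatures above into a per-process verdict. The event schema (pid, image, sha256, op, target), the sample telemetry, and the browser/wallet path patterns are constructed assumptions for illustration, not any product's native log format; the only identifier taken from the report is its SHA256.

```python
"""Behaviour-based triage for RedLine-style infostealer activity.

Added example, not part of the sandbox report. The event schema (pid, image,
sha256, op, target) and the sample events below are constructed for
illustration; they are not any product's native telemetry format.
"""
import re
from collections import defaultdict

# SHA256 of the sample analysed in the report above.
KNOWN_BAD_SHA256 = {
    "2d1065f707528e8b200671539b9f69078871952484370678afc64f567b968100",
}

# One regex per reported behaviour. Paths are matched case-insensitively after
# normalising slashes. Browser/wallet locations are the usual ones and are
# assumptions here, not taken from the report.
INDICATORS = {
    # Chromium-family "Login Data"/"Cookies"/"Web Data", Firefox logins.json/key4.db
    "browser_profile": re.compile(
        r"\\(google\\chrome|microsoft\\edge|bravesoftware\\brave-browser)\\user data\\.*"
        r"\\(login data|cookies|web data)$"
        r"|\\mozilla\\firefox\\profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
        re.I,
    ),
    # Cryptocurrency wallet data directories and files
    "crypto_wallet": re.compile(
        r"\\(exodus|electrum|ethereum\\keystore|atomic)\\|\\wallet\.dat$", re.I
    ),
    # Installed-software enumeration via the registry Uninstall key
    "software_enum": re.compile(
        r"^hklm\\software\\(wow6432node\\)?microsoft\\windows\\currentversion\\uninstall",
        re.I,
    ),
}


def classify(event):
    """Return the indicator category an event's target path hits, or None."""
    target = event["target"].replace("/", "\\")
    for name, pattern in INDICATORS.items():
        if pattern.search(target):
            return name
    return None


def triage(events, min_categories=2):
    """Aggregate events per process and assign a verdict.

    'known_bad_hash' if the image SHA256 is on the block list;
    'suspicious_behaviour' if the process touches at least `min_categories`
    distinct indicator categories (a browser reading its own profile hits one);
    otherwise 'benign'.
    """
    per_proc = defaultdict(lambda: {"image": None, "sha256": None, "categories": set()})
    for ev in events:
        proc = per_proc[ev["pid"]]
        proc["image"] = ev["image"]
        proc["sha256"] = ev.get("sha256")
        category = classify(ev)
        if category:
            proc["categories"].add(category)

    results = {}
    for pid, proc in per_proc.items():
        if proc["sha256"] in KNOWN_BAD_SHA256:
            verdict = "known_bad_hash"
        elif len(proc["categories"]) >= min_categories:
            verdict = "suspicious_behaviour"
        else:
            verdict = "benign"
        results[pid] = {
            "image": proc["image"],
            "categories": sorted(proc["categories"]),
            "verdict": verdict,
        }
    return results


# Constructed sample telemetry (not real logs); hashes other than the reported one are placeholders.
SAMPLE_EVENTS = [
    # Unknown binary in Temp touching a browser store, a wallet and the Uninstall key
    {"pid": 4412, "image": r"C:\Users\alice\AppData\Local\Temp\setup.exe", "sha256": "00" * 32,
     "op": "FileRead", "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 4412, "image": r"C:\Users\alice\AppData\Local\Temp\setup.exe", "sha256": "00" * 32,
     "op": "FileRead", "target": r"C:\Users\alice\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 4412, "image": r"C:\Users\alice\AppData\Local\Temp\setup.exe", "sha256": "00" * 32,
     "op": "RegQuery", "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    # Chrome reading its own profile: one category only, expected behaviour
    {"pid": 1200, "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe", "sha256": "11" * 32,
     "op": "FileRead", "target": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # Installer enumerating software: one category only
    {"pid": 5000, "image": r"C:\Windows\System32\msiexec.exe", "sha256": "22" * 32,
     "op": "RegQuery", "target": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{GUID}"},
    # The reported sample itself: the hash match short-circuits the behaviour threshold
    {"pid": 7788, "image": r"C:\Users\alice\Downloads\sample.exe",
     "sha256": "2d1065f707528e8b200671539b9f69078871952484370678afc64f567b968100",
     "op": "FileRead", "target": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default-release\logins.json"},
]

if __name__ == "__main__":
    for pid, info in triage(SAMPLE_EVENTS).items():
        print(pid, info["verdict"], info["categories"])
```

The two-category threshold is what keeps browsers and installers, which legitimately hit one category each, out of the alert queue; a deployment would still add an allow-list for signed browser binaries and tune the wallet paths to what is actually installed. Note that file reads of these stores are not logged by Sysmon's default configuration, so the FileRead events assumed here need object-access auditing or an EDR sensor to exist at all.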

MITRE ATT&CK Enterprise v6

Tasks