Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    16db67e1beb9c2c49c7d2b6660de7bfb8f852c08568108032cf8a78d12d403a5

  • Size

    318KB

  • Sample

    230523-3he5qaaa32

  • MD5

    12b99559afc34ddd2fdad692960d52e7

  • SHA1

    80bf0319b2d50c053d33bce569f7253c99988bf3

  • SHA256

    16db67e1beb9c2c49c7d2b6660de7bfb8f852c08568108032cf8a78d12d403a5

  • SHA512

    10762f3d6e889d6c08b3c561244c73d3a8a56df8568a7f791ae9f4d747aa01ce1b3a4b49ebd16f9669089b6a393aee7ba3e93b03efd8d074101902b3dfb660b6

  • SSDEEP

    6144:draMs2YJfsn7iTf6R+9+i1myOXxM1QChEbAIKjz7z9Ph0gjRaM:d3s5JfqG9PCq1cAIAzdn

Score
10/10
redlinediscoveryinfostealerspywarestealer

Malware Config

Targets

    • Target

      16db67e1beb9c2c49c7d2b6660de7bfb8f852c08568108032cf8a78d12d403a5

    • Size

      318KB

    • MD5

      12b99559afc34ddd2fdad692960d52e7

    • SHA1

      80bf0319b2d50c053d33bce569f7253c99988bf3

    • SHA256

      16db67e1beb9c2c49c7d2b6660de7bfb8f852c08568108032cf8a78d12d403a5

    • SHA512

      10762f3d6e889d6c08b3c561244c73d3a8a56df8568a7f791ae9f4d747aa01ce1b3a4b49ebd16f9669089b6a393aee7ba3e93b03efd8d074101902b3dfb660b6

    • SSDEEP

      6144:draMs2YJfsn7iTf6R+9+i1myOXxM1QChEbAIKjz7z9Ph0gjRaM:d3s5JfqG9PCq1cAIAzdn

    Score
    10/10
    redlinediscoveryinfostealerspywarestealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks