Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    65c1d27e021b1f85b8932725dbf7d0b956a6520e0ff2339f5bf3bc7573fc3877

  • Size

    262KB

  • Sample

    230607-p32bssbb6x

  • MD5

    f2ff17e227e76418419d49a1ab769947

  • SHA1

    77945c79df21522fef1b300501909ecb4508a99e

  • SHA256

    65c1d27e021b1f85b8932725dbf7d0b956a6520e0ff2339f5bf3bc7573fc3877

  • SHA512

    e36cb78cec52c2470336030098c81dd7a80ecc3166c627f55e28cc78293b9a75b11612b760eaaea394461311a8da2719922039f407b0ae0b756c15d9a82429da

  • SSDEEP

    3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc

Score
10/10
redlinesheroninfostealerspyware

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes
  • auth_value

    2d067e7e2372227d3a03b335260112e9

Targets

    • Target

      65c1d27e021b1f85b8932725dbf7d0b956a6520e0ff2339f5bf3bc7573fc3877

    • Size

      262KB

    • MD5

      f2ff17e227e76418419d49a1ab769947

    • SHA1

      77945c79df21522fef1b300501909ecb4508a99e

    • SHA256

      65c1d27e021b1f85b8932725dbf7d0b956a6520e0ff2339f5bf3bc7573fc3877

    • SHA512

      e36cb78cec52c2470336030098c81dd7a80ecc3166c627f55e28cc78293b9a75b11612b760eaaea394461311a8da2719922039f407b0ae0b756c15d9a82429da

    • SSDEEP

      3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc

    Score
    10/10
    redlinesheroninfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks