Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    45d0efaba2caf518e649d387606d1ebe479cb8f9fe3baf7259f2905a6c9a6b96

  • Size

    173KB

  • Sample

    230615-y9yc6abb76

  • MD5

    98e4b1b5b793b2ece39ac08b5b175968

  • SHA1

    cb95d3e37bf7890dbaa0d59a0ac1afdff3814e33

  • SHA256

    45d0efaba2caf518e649d387606d1ebe479cb8f9fe3baf7259f2905a6c9a6b96

  • SHA512

    619f262a7c83c0e73279c814a1f49f84d55f5f0bb0d514c504f200b4b227c50868858e1d7eed2f17885077bb0db4e237e92696e1b3d6451b91309ef4b4f90756

  • SSDEEP

    3072:1b1Memvvf8fdrBOFZ9hTLfN1g0CnHYPlk3UBjuU3/MCANWFHn36CS/:3Memvvf8iFZHHfNCHYP885ANWFQ

Score
10/10
redlineinfostealerspyware

Malware Config

Targets

    • Target

      45d0efaba2caf518e649d387606d1ebe479cb8f9fe3baf7259f2905a6c9a6b96

    • Size

      173KB

    • MD5

      98e4b1b5b793b2ece39ac08b5b175968

    • SHA1

      cb95d3e37bf7890dbaa0d59a0ac1afdff3814e33

    • SHA256

      45d0efaba2caf518e649d387606d1ebe479cb8f9fe3baf7259f2905a6c9a6b96

    • SHA512

      619f262a7c83c0e73279c814a1f49f84d55f5f0bb0d514c504f200b4b227c50868858e1d7eed2f17885077bb0db4e237e92696e1b3d6451b91309ef4b4f90756

    • SSDEEP

      3072:1b1Memvvf8fdrBOFZ9hTLfN1g0CnHYPlk3UBjuU3/MCANWFHn36CS/:3Memvvf8iFZHHfNCHYP885ANWFQ

    Score
    10/10
    redlineinfostealerspyware

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Uses the VBS compiler for execution

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks