General

  • Target

    f6b5fed2060fc3b039b37a54eb3ee3f92630c11f37c0150a25a3500c7e499e98

  • Size

    416KB

  • Sample

    230806-leelcagf76

  • MD5

    86ea3b8bdb2f645d47d177faf622c3e1

  • SHA1

    7af0cc49835dc1951037242962507015ec503baf

  • SHA256

    f6b5fed2060fc3b039b37a54eb3ee3f92630c11f37c0150a25a3500c7e499e98

  • SHA512

    9f2d9b00b133252dd5eb051c83e0fa41c4e9bbd81e7940f7322c9bca1ad885605f317330e5f43b69dc33dc5a8386817fee0d8a603ddc756b7db68da7b728968c

  • SSDEEP

    6144:h4qmHABcWSa2pBbu7/mi281loEeSehDpi:hBNxNYgdxlRwu

Malware Config

Extracted

Family

redline

Botnet

LogsDiller Cloud (TG: @logsdillabot)

C2

51.89.201.49:6932

Attributes

  • auth_value

    3a050df92d0cf082b2cdaf87863616be

Targets

    • Target

      f6b5fed2060fc3b039b37a54eb3ee3f92630c11f37c0150a25a3500c7e499e98

    • Size

      416KB

    • MD5

      86ea3b8bdb2f645d47d177faf622c3e1

    • SHA1

      7af0cc49835dc1951037242962507015ec503baf

    • SHA256

      f6b5fed2060fc3b039b37a54eb3ee3f92630c11f37c0150a25a3500c7e499e98

    • SHA512

      9f2d9b00b133252dd5eb051c83e0fa41c4e9bbd81e7940f7322c9bca1ad885605f317330e5f43b69dc33dc5a8386817fee0d8a603ddc756b7db68da7b728968c

    • SSDEEP

      6144:h4qmHABcWSa2pBbu7/mi281loEeSehDpi:hBNxNYgdxlRwu

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and form data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks
