General

  • Target: dc50ac859d6e0e73cf73569ce0cf00275ec6b47f864a8fd330cce5bd138b2e94
  • Size: 341KB
  • Sample: 230815-etzfqsge99
  • MD5: 69ebe0e8a9a9b91053e2c0e4d66f0c3d
  • SHA1: f57414de5d88d47281283477cba57d0248b8a96a
  • SHA256: dc50ac859d6e0e73cf73569ce0cf00275ec6b47f864a8fd330cce5bd138b2e94
  • SHA512: 5f8d8ca8b54092144490ca053934764becc2a0ffb3ca1e1a944d5d2938a881d07d6ce460c9c201c6543b220c11627d1d38fd4cb725b17799ece9306740ba7786
  • SSDEEP: 6144:5cKRlD2MIApfunciGfv6q3JMtNOzAoN7qyelvs09F:5ZPD2MI02GDitGAoNUv

Malware Config

Extracted

  • Family: redline
  • Botnet: LogsDiller Cloud (TG: @logsdillabot)
  • C2: 51.83.170.21:19447
  • Attributes
    • auth_value: 3a050df92d0cf082b2cdaf87863616be

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v15

Tasks