General

  • Target

    0880a0616e61eb37e407cf6cdd42491d7602463cdb884e6361be7c29cd2a1255

  • Size

    832KB

  • Sample

    230819-dtln7sfh32

  • MD5

    ba7dd8b6b7d3dc053c777ec0ef6a122e

  • SHA1

    60ceff1f5d5a1ec01e42a5b5c287a115d05a8fb2

  • SHA256

    0880a0616e61eb37e407cf6cdd42491d7602463cdb884e6361be7c29cd2a1255

  • SHA512

    4637ef8a7cc04c5fea4904f4368847d263a790b134357c29684ea945ac6bb62fe26351c82e7895845456a96524b00fd6c4d7c5bb7327d2e22b1ead3c7d2a36bb

  • SSDEEP

    12288:nMrny90KAswF+hsAJhZ7slVqbfldCKPGHLrT9W7WIFnxsItbf7AQiYmYUbSilcmV:UyLrm2hZ7sWfl7PGP8BxRXBn+62

Malware Config

Extracted

  • Family

    redline

  • Botnet

    dugin

  • C2

    77.91.124.73:19071

Attributes

  • auth_value

    7c3e46e091100fd26a6076996d374c28

Targets

    • Target

      0880a0616e61eb37e407cf6cdd42491d7602463cdb884e6361be7c29cd2a1255

    • Size

      832KB

    • MD5

      ba7dd8b6b7d3dc053c777ec0ef6a122e

    • SHA1

      60ceff1f5d5a1ec01e42a5b5c287a115d05a8fb2

    • SHA256

      0880a0616e61eb37e407cf6cdd42491d7602463cdb884e6361be7c29cd2a1255

    • SHA512

      4637ef8a7cc04c5fea4904f4368847d263a790b134357c29684ea945ac6bb62fe26351c82e7895845456a96524b00fd6c4d7c5bb7327d2e22b1ead3c7d2a36bb

    • SSDEEP

      12288:nMrny90KAswF+hsAJhZ7slVqbfldCKPGHLrT9W7WIFnxsItbf7AQiYmYUbSilcmV:UyLrm2hZ7sWfl7PGP8BxRXBn+62

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks