General

  • Target

    efd5137347051e0ea37fff40f2fd343aa80368861a119d43230bdc31e8600cf0

  • Size

    497KB

  • Sample

    231023-kyhlnsfc6s

  • MD5

    659bbc5d7a40b34cd15cd156050aa049

  • SHA1

    385d7a6ddb64e2ee5594ede43ae4fd4fb3a85678

  • SHA256

    efd5137347051e0ea37fff40f2fd343aa80368861a119d43230bdc31e8600cf0

  • SHA512

    dafc0ee06aa6174d88166d9181250db078f5a1c8dc72b7747e53963aaefda0b0cac779faf258c2f42d061f23edff9bb48a7b4d1b085addc957169678e09b6a50

  • SSDEEP

    6144:Wn2Qrs72m62/vpUOXia60CoOO5R2ZnxQdLTJFb246eQB8ApxQNh:22QHmlvpUOXia60C3O5R2sdLu4uBPSL

Malware Config

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks