Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    138s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    15-09-2021 07:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c2600e42704cc86e5b7118963997f6b52ceba90b94a768914b55233876a7a302.exe

  • Size

    281KB

  • MD5

    b78112dc5bda54b5ad2bd253f1a8898a

  • SHA1

    cb861921cf82e9397c5c0caa22f21988ec9231c3

  • SHA256

    c2600e42704cc86e5b7118963997f6b52ceba90b94a768914b55233876a7a302

  • SHA512

    3ae00cb0b21ce48775461533043c2c6ec5fbea2be88a99b4260aeab810a5ff50c4d6f7636a8076f011349385ab58e9964aa410398abaf02b513528e1435723d9

Score
10/10
redline10fkinfostealer

Malware Config

Extracted

Family

redline

Botnet

10fk

C2

185.45.192.203:80

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c2600e42704cc86e5b7118963997f6b52ceba90b94a768914b55233876a7a302.exe
    "C:\Users\Admin\AppData\Local\Temp\c2600e42704cc86e5b7118963997f6b52ceba90b94a768914b55233876a7a302.exe"
    1⤵
      PID:604

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/604-114-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/604-115-0x0000000000400000-0x0000000002164000-memory.dmp
      Filesize

      29.4MB

      Download
    • memory/604-116-0x0000000003E70000-0x0000000003E8F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/604-117-0x0000000006990000-0x0000000006991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-118-0x00000000067E0000-0x00000000067FE000-memory.dmp
      Filesize

      120KB

      Download
    • memory/604-120-0x0000000006982000-0x0000000006983000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-119-0x0000000006980000-0x0000000006981000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-121-0x0000000006983000-0x0000000006984000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-122-0x0000000006E90000-0x0000000006E91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-123-0x0000000006880000-0x0000000006881000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-124-0x00000000074A0000-0x00000000074A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-125-0x0000000006984000-0x0000000006986000-memory.dmp
      Filesize

      8KB

      Download
    • memory/604-126-0x00000000068B0000-0x00000000068B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/604-127-0x0000000006930000-0x0000000006931000-memory.dmp
      Filesize

      4KB

      Download