Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    136s
  • max time network
    148s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    14-10-2021 02:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50103db491ecf133c0ea7c01340b1b19b9fae62871759b88d32a9ee4263a59f2.exe

  • Size

    324KB

  • MD5

    cd18a6fa157e60820c63510d799096c4

  • SHA1

    90cad7a1a5cb79e9236e4cf935c6c8e146fcf13a

  • SHA256

    50103db491ecf133c0ea7c01340b1b19b9fae62871759b88d32a9ee4263a59f2

  • SHA512

    1d5954116611126936d8769f7e0c16d763549a3de60b718de8b2db1923831603c2e58dbe35cb5eabf73bf208a5de401d74c66b60718708f5d496537b26e2bcfb

Score
10/10
redlineusamoneyinfostealer

Malware Config

Extracted

Family

redline

Botnet

usamoney

C2

45.142.215.47:27643

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\50103db491ecf133c0ea7c01340b1b19b9fae62871759b88d32a9ee4263a59f2.exe
    "C:\Users\Admin\AppData\Local\Temp\50103db491ecf133c0ea7c01340b1b19b9fae62871759b88d32a9ee4263a59f2.exe"
    1⤵
      PID:2524

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2524-115-0x00000000006C1000-0x00000000006E4000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2524-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2524-117-0x0000000000400000-0x00000000004C3000-memory.dmp
      Filesize

      780KB

      Download
    • memory/2524-118-0x0000000000960000-0x000000000097F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2524-119-0x0000000004C00000-0x0000000004C01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-120-0x00000000023D0000-0x00000000023ED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2524-121-0x0000000005100000-0x0000000005101000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-122-0x0000000002750000-0x0000000002751000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-123-0x0000000004AD0000-0x0000000004AD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-124-0x0000000005710000-0x0000000005711000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-125-0x0000000005780000-0x0000000005781000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-126-0x0000000004BF0000-0x0000000004BF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-127-0x0000000004BF2000-0x0000000004BF3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-128-0x0000000004BF3000-0x0000000004BF4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2524-129-0x0000000004BF4000-0x0000000004BF6000-memory.dmp
      Filesize

      8KB

      Download