Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    163s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    14-10-2021 18:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    64ed8af82d056d4a168a7a7b8c325df25cb58a809fd579bf6258b70b963d9149.exe

  • Size

    309KB

  • MD5

    4a4bb2d0413cdcd6542913f83944bb4e

  • SHA1

    14c4317c38092d32517497769395bb89a13db471

  • SHA256

    64ed8af82d056d4a168a7a7b8c325df25cb58a809fd579bf6258b70b963d9149

  • SHA512

    851ce7922c8666adf11189b606a3f4364d41c04c97586ee5a832834df30edf7c48eb76bba5b8cabc2848a51694064596d55c907fce47d369011ee95b983acf36

Score
10/10
redlineusamoneyinfostealer

Malware Config

Extracted

Family

redline

Botnet

usamoney

C2

45.142.215.47:27643

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\64ed8af82d056d4a168a7a7b8c325df25cb58a809fd579bf6258b70b963d9149.exe
    "C:\Users\Admin\AppData\Local\Temp\64ed8af82d056d4a168a7a7b8c325df25cb58a809fd579bf6258b70b963d9149.exe"
    1⤵
      PID:3704

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3704-115-0x0000000000679000-0x000000000069C000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3704-116-0x0000000002170000-0x000000000218F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3704-117-0x0000000004B80000-0x0000000004B81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-118-0x0000000002450000-0x000000000246D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3704-119-0x0000000005080000-0x0000000005081000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-120-0x0000000004A90000-0x0000000004A91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-121-0x0000000005690000-0x0000000005691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-122-0x0000000000510000-0x0000000000540000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3704-123-0x0000000000400000-0x00000000004BF000-memory.dmp
      Filesize

      764KB

      Download
    • memory/3704-124-0x0000000004B70000-0x0000000004B71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-125-0x0000000004B72000-0x0000000004B73000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-126-0x0000000004B73000-0x0000000004B74000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-127-0x0000000004AC0000-0x0000000004AC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-128-0x00000000057A0000-0x00000000057A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3704-129-0x0000000004B74000-0x0000000004B76000-memory.dmp
      Filesize

      8KB

      Download