Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    14-10-2021 19:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6bec4cac65e4dc781bba1bf54c43835acd05de395ec8559751b2a84ca4bc6fda.exe

  • Size

    309KB

  • MD5

    ffd6be108901051a2ec022684eca61e1

  • SHA1

    48409956033171e5fc3f6fecd1784a65641fa8a2

  • SHA256

    6bec4cac65e4dc781bba1bf54c43835acd05de395ec8559751b2a84ca4bc6fda

  • SHA512

    e339dec09ce4d778eea674b9fa1bef1b5f5545345e87c635dea407758fe0c66c0ba38ac1490f887a218f18f36bfb1dccaf6a4ab3a74a41d049d1eca8a44a9bb0

Score
10/10
redlineusamoneyinfostealer

Malware Config

Extracted

Family

redline

Botnet

usamoney

C2

45.142.215.47:27643

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6bec4cac65e4dc781bba1bf54c43835acd05de395ec8559751b2a84ca4bc6fda.exe
    "C:\Users\Admin\AppData\Local\Temp\6bec4cac65e4dc781bba1bf54c43835acd05de395ec8559751b2a84ca4bc6fda.exe"
    1⤵
      PID:2016

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2016-116-0x0000000000650000-0x0000000000680000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2016-117-0x0000000000400000-0x00000000004BF000-memory.dmp
      Filesize

      764KB

      Download
    • memory/2016-118-0x00000000023D0000-0x00000000023EF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2016-119-0x0000000004CC0000-0x0000000004CC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-120-0x00000000027A0000-0x00000000027BD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2016-121-0x00000000051C0000-0x00000000051C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-122-0x0000000004BD0000-0x0000000004BD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-123-0x00000000057D0000-0x00000000057D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-124-0x0000000004C00000-0x0000000004C01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-125-0x00000000058E0000-0x00000000058E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-127-0x0000000004CB2000-0x0000000004CB3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-128-0x0000000004CB3000-0x0000000004CB4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-126-0x0000000004CB0000-0x0000000004CB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-129-0x0000000004CB4000-0x0000000004CB6000-memory.dmp
      Filesize

      8KB

      Download