Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    15-10-2021 11:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8ab3e5ce3fb72b8e6e14a4833a40107a094f6dbfbeceacefabb4f6902621b66e.exe

  • Size

    366KB

  • MD5

    af51b8540aa449e88b8ff15e03986952

  • SHA1

    53bbebc63b3aaf4bc92f2b9c0766f470744cf011

  • SHA256

    8ab3e5ce3fb72b8e6e14a4833a40107a094f6dbfbeceacefabb4f6902621b66e

  • SHA512

    bfe913952baf8cfa3615ea6f5d1ae1b6ef881ca058e8dc9eea781bdb4a519a5d13e60ca989a34e857e10d50aaaa9e3d0e8fc339498d2571789c844f036fdba5e

Score
10/10
redlineusamoneyinfostealer

Malware Config

Extracted

Family

redline

Botnet

usamoney

C2

45.142.215.47:27643

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8ab3e5ce3fb72b8e6e14a4833a40107a094f6dbfbeceacefabb4f6902621b66e.exe
    "C:\Users\Admin\AppData\Local\Temp\8ab3e5ce3fb72b8e6e14a4833a40107a094f6dbfbeceacefabb4f6902621b66e.exe"
    1⤵
      PID:2404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2404-117-0x0000000003420000-0x0000000003450000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2404-116-0x0000000003550000-0x000000000356F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2404-118-0x0000000000400000-0x00000000016CE000-memory.dmp
      Filesize

      18.8MB

      Download
    • memory/2404-119-0x0000000005E70000-0x0000000005E71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-120-0x0000000005E80000-0x0000000005E81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-121-0x0000000003720000-0x000000000373D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2404-122-0x0000000006380000-0x0000000006381000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-123-0x00000000038B0000-0x00000000038B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-124-0x0000000006990000-0x0000000006991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-125-0x0000000005E10000-0x0000000005E11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-127-0x0000000006AC0000-0x0000000006AC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-126-0x0000000005E72000-0x0000000005E73000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-128-0x0000000005E73000-0x0000000005E74000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-129-0x0000000005E74000-0x0000000005E76000-memory.dmp
      Filesize

      8KB

      Download