Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    163s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 01:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f7abc2936f54b30e4b91c7bf737855631426a087c03e007046354e41c56ed46c.exe

  • Size

    381KB

  • MD5

    a48733ecf683028d6945ba85e4857b6a

  • SHA1

    de0ea17d33078e578a58fd002cf88c6c6f03aa17

  • SHA256

    f7abc2936f54b30e4b91c7bf737855631426a087c03e007046354e41c56ed46c

  • SHA512

    c9f1224ca385e135e6445f83e4a132c4ef87db6c471c2966ae5d678ab20b981a565f19dc377e09776a3f33d53e609c69f4a3dfbdc7f361cef5b1996a668055a2

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f7abc2936f54b30e4b91c7bf737855631426a087c03e007046354e41c56ed46c.exe
    "C:\Users\Admin\AppData\Local\Temp\f7abc2936f54b30e4b91c7bf737855631426a087c03e007046354e41c56ed46c.exe"
    1⤵
      PID:3556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3556-115-0x0000000002F76000-0x0000000002F99000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3556-116-0x0000000002E30000-0x0000000002F7A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/3556-117-0x0000000000400000-0x0000000002DB7000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/3556-118-0x0000000004AC0000-0x0000000004ADF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3556-119-0x0000000007440000-0x0000000007441000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-120-0x0000000004B70000-0x0000000004B8D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3556-121-0x0000000007940000-0x0000000007941000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-123-0x0000000004FB2000-0x0000000004FB3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-125-0x0000000004E50000-0x0000000004E51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-124-0x0000000004FB3000-0x0000000004FB4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-122-0x0000000004FB0000-0x0000000004FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-126-0x0000000007F50000-0x0000000007F51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-127-0x0000000008060000-0x0000000008061000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-128-0x00000000080A0000-0x00000000080A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3556-129-0x0000000004FB4000-0x0000000004FB6000-memory.dmp
      Filesize

      8KB

      Download