Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    151s
  • max time network
    160s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 01:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66b51edc82160cda498431ff114cabf8c9bda8129e04bd8d3554748ca2d0d6c5.exe

  • Size

    382KB

  • MD5

    096716699b91d63ce3a2799ac93bcbed

  • SHA1

    b62a7006faf7fd5364386687c125295805c97c6c

  • SHA256

    66b51edc82160cda498431ff114cabf8c9bda8129e04bd8d3554748ca2d0d6c5

  • SHA512

    b1ef46ea54c119cd6f9bb1e66c31c8d87241021107d3af2881155d8daff76090960e6ab6c8a6ae498b98ecbaf293e2a59c3dc134605c1e17db8c8bd99c724f9f

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66b51edc82160cda498431ff114cabf8c9bda8129e04bd8d3554748ca2d0d6c5.exe
    "C:\Users\Admin\AppData\Local\Temp\66b51edc82160cda498431ff114cabf8c9bda8129e04bd8d3554748ca2d0d6c5.exe"
    1⤵
      PID:1688

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1688-116-0x0000000004B50000-0x0000000004B6F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1688-117-0x0000000007650000-0x0000000007651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-118-0x0000000002E10000-0x0000000002E40000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1688-119-0x0000000000400000-0x0000000002DB7000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/1688-120-0x0000000007640000-0x0000000007641000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-121-0x0000000007642000-0x0000000007643000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-122-0x0000000007643000-0x0000000007644000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-123-0x0000000004FD0000-0x0000000004FED000-memory.dmp

      Filesize

      116KB

      Download

    • memory/1688-124-0x0000000007B50000-0x0000000007B51000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-125-0x00000000074D0000-0x00000000074D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-126-0x0000000007500000-0x0000000007501000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-127-0x0000000008160000-0x0000000008161000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1688-128-0x0000000007644000-0x0000000007646000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1688-129-0x00000000081B0000-0x00000000081B1000-memory.dmp

      Filesize

      4KB

      Download