Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 01:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ea4de7026018e1250d2588dc2f0eb315738b6567080b23aa4fb273602ae8065.exe

  • Size

    381KB

  • MD5

    c5422258b8ee1a5d404b29de44bc9c13

  • SHA1

    00cd135b9b0a3a19369daadbc8d8ce88695be339

  • SHA256

    3ea4de7026018e1250d2588dc2f0eb315738b6567080b23aa4fb273602ae8065

  • SHA512

    5fe60817d8249b008cd58c9e2692e7eb7213142aa110541f6cfb97002d651dff135e58b95ec41686856bf05d1f8142c64bb08491c1f2cfa82d3ab8ec66e351e2

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ea4de7026018e1250d2588dc2f0eb315738b6567080b23aa4fb273602ae8065.exe
    "C:\Users\Admin\AppData\Local\Temp\3ea4de7026018e1250d2588dc2f0eb315738b6567080b23aa4fb273602ae8065.exe"
    1⤵
      PID:1828

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1828-115-0x0000000003066000-0x0000000003089000-memory.dmp

      Filesize

      140KB

      Download

    • memory/1828-116-0x0000000002F40000-0x0000000002F70000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1828-117-0x0000000000400000-0x0000000002DB7000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/1828-118-0x0000000004D30000-0x0000000004D4F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1828-119-0x0000000007550000-0x0000000007551000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-120-0x0000000007552000-0x0000000007553000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-121-0x0000000007553000-0x0000000007554000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-122-0x0000000007560000-0x0000000007561000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-123-0x0000000004E30000-0x0000000004E4D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/1828-124-0x0000000007A60000-0x0000000007A61000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-125-0x00000000074D0000-0x00000000074D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-126-0x0000000008070000-0x0000000008071000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-127-0x0000000007500000-0x0000000007501000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1828-128-0x0000000007554000-0x0000000007556000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1828-129-0x00000000081B0000-0x00000000081B1000-memory.dmp

      Filesize

      4KB

      Download