Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 01:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a0bc531aa6f892e29404f3387a20052932d483884deabb252b036dd28d97f590.exe

  • Size

    382KB

  • MD5

    817724375ecb0b83c9869413acc651e9

  • SHA1

    c3a113122f62736a9c0814217b2b92db113659c5

  • SHA256

    a0bc531aa6f892e29404f3387a20052932d483884deabb252b036dd28d97f590

  • SHA512

    1ac2e5c5d2472d43d811bb00637b4c48b83371fa6af654143fb3844727148d91b4c76e22d317fddd4fcaae98a36c2a30b76ec343159000c7421388f654529859

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a0bc531aa6f892e29404f3387a20052932d483884deabb252b036dd28d97f590.exe
    "C:\Users\Admin\AppData\Local\Temp\a0bc531aa6f892e29404f3387a20052932d483884deabb252b036dd28d97f590.exe"
    1⤵
      PID:2016

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2016-115-0x0000000002FE6000-0x0000000003009000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2016-117-0x0000000000400000-0x0000000002DB7000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2016-116-0x0000000002E40000-0x0000000002F8A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/2016-118-0x0000000004C70000-0x0000000004C8F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2016-119-0x0000000007660000-0x0000000007661000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-120-0x0000000007670000-0x0000000007671000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-121-0x0000000007662000-0x0000000007663000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-122-0x0000000007663000-0x0000000007664000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-123-0x0000000004EF0000-0x0000000004F0D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2016-124-0x0000000007B70000-0x0000000007B71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-125-0x00000000074D0000-0x00000000074D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-126-0x0000000007500000-0x0000000007501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-127-0x0000000007664000-0x0000000007666000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2016-128-0x0000000007610000-0x0000000007611000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2016-129-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download