Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    164s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 02:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    864c6afdff132c18e10eadb302593af29d6af27ded6852a6db77d95f1c833e5c.exe

  • Size

    381KB

  • MD5

    1158ac756c5120eec1c0b074b07b315d

  • SHA1

    1517c98cc64b560e7dfc5b48e041b4233ad24ad1

  • SHA256

    864c6afdff132c18e10eadb302593af29d6af27ded6852a6db77d95f1c833e5c

  • SHA512

    f375575aa66e051ad9b4d3f53d8877858653743b417eef9d9a6ecdc7bbcac234230fdf837bea05562fd948989cfefb33622632458b029c6a0dd3da4a299862d3

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\864c6afdff132c18e10eadb302593af29d6af27ded6852a6db77d95f1c833e5c.exe
    "C:\Users\Admin\AppData\Local\Temp\864c6afdff132c18e10eadb302593af29d6af27ded6852a6db77d95f1c833e5c.exe"
    1⤵
      PID:1796

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1796-115-0x0000000003056000-0x0000000003079000-memory.dmp
      Filesize

      140KB

      Download
    • memory/1796-116-0x0000000002F20000-0x0000000002F50000-memory.dmp
      Filesize

      192KB

      Download
    • memory/1796-117-0x0000000003020000-0x000000000303F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1796-118-0x0000000007580000-0x0000000007581000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-119-0x0000000004DD0000-0x0000000004DED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/1796-120-0x0000000007A80000-0x0000000007A81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-121-0x00000000074D0000-0x00000000074D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-122-0x0000000008090000-0x0000000008091000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-123-0x0000000007500000-0x0000000007501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-124-0x0000000000400000-0x0000000002DB7000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/1796-125-0x0000000007570000-0x0000000007571000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-126-0x0000000007572000-0x0000000007573000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-127-0x0000000007573000-0x0000000007574000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1796-128-0x0000000007574000-0x0000000007576000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1796-129-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download