Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    162s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 02:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e97d2f77252f3efacd7332977e93203dcfc974c2c93661cb2d552e73cd5234cf.exe

  • Size

    382KB

  • MD5

    d464bc9a3e220d2405fc43a081531be1

  • SHA1

    e4852e3d5411d54cf58383a5e6344045ca86a2a4

  • SHA256

    e97d2f77252f3efacd7332977e93203dcfc974c2c93661cb2d552e73cd5234cf

  • SHA512

    1e19132d699fb76b09266172dbd7f1a5cdb739e4c2e81bdbd02b04e098b6fcf5aa0fe7af104f76653bf19180d8cf51459ccd9c455d8a6d51f8370f63e86381ba

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e97d2f77252f3efacd7332977e93203dcfc974c2c93661cb2d552e73cd5234cf.exe
    "C:\Users\Admin\AppData\Local\Temp\e97d2f77252f3efacd7332977e93203dcfc974c2c93661cb2d552e73cd5234cf.exe"
    1⤵
      PID:2136

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2136-115-0x0000000003136000-0x0000000003159000-memory.dmp

      Filesize

      140KB

      Download

    • memory/2136-116-0x0000000002DC0000-0x0000000002F0A000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2136-117-0x0000000004B00000-0x0000000004B1F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2136-118-0x00000000075A0000-0x00000000075A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-119-0x0000000004C60000-0x0000000004C7D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/2136-120-0x0000000007AA0000-0x0000000007AA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-121-0x0000000004E30000-0x0000000004E31000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-122-0x0000000007410000-0x0000000007411000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-123-0x0000000007520000-0x0000000007521000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-124-0x00000000080B0000-0x00000000080B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-125-0x0000000000400000-0x0000000002DB7000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/2136-126-0x0000000007590000-0x0000000007591000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-127-0x0000000007592000-0x0000000007593000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-128-0x0000000007593000-0x0000000007594000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2136-129-0x0000000007594000-0x0000000007596000-memory.dmp

      Filesize

      8KB

      Download