Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 03:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c15b041d0d3bbc1a96626ed511d044d7545c264d7c739dbdf7810743639c14ca.exe

  • Size

    382KB

  • MD5

    7c4e7711d4422ccbb7ac8e20559fb2b7

  • SHA1

    37bd46da3eb2dc9f3cf13188eb0e58352fbefcee

  • SHA256

    c15b041d0d3bbc1a96626ed511d044d7545c264d7c739dbdf7810743639c14ca

  • SHA512

    93fdb63085916ee6b494a2abb06183548b5b87546424a51c26c4dee18a470094b019c0ffa80f292ed924251ebe8c492e1971da0d861dab0b6d6674cb5ae21322

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c15b041d0d3bbc1a96626ed511d044d7545c264d7c739dbdf7810743639c14ca.exe
    "C:\Users\Admin\AppData\Local\Temp\c15b041d0d3bbc1a96626ed511d044d7545c264d7c739dbdf7810743639c14ca.exe"
    1⤵
      PID:2276

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2276-115-0x0000000002FE6000-0x0000000003009000-memory.dmp

      Filesize

      140KB

      Download

    • memory/2276-116-0x0000000002E40000-0x0000000002F8A000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2276-117-0x0000000000400000-0x0000000002DB7000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/2276-118-0x0000000004BD0000-0x0000000004BEF000-memory.dmp

      Filesize

      124KB

      Download

    • memory/2276-119-0x0000000007590000-0x0000000007591000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-120-0x0000000004ED0000-0x0000000004EED000-memory.dmp

      Filesize

      116KB

      Download

    • memory/2276-121-0x00000000080A0000-0x00000000080A1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-124-0x0000000007583000-0x0000000007584000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-122-0x0000000007580000-0x0000000007581000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-123-0x0000000007582000-0x0000000007583000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-125-0x00000000074D0000-0x00000000074D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-126-0x0000000007A90000-0x0000000007A91000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-127-0x0000000007584000-0x0000000007586000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2276-128-0x0000000007500000-0x0000000007501000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2276-129-0x0000000007BA0000-0x0000000007BA1000-memory.dmp

      Filesize

      4KB

      Download