Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 03:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3f92ebeaa6956e1d0dc7eaafaeb3bb3f0f61f34f9b33a9b6348b1f665747a593.exe

  • Size

    382KB

  • MD5

    176e6176fb0edf3f0813fbf50c96bcd8

  • SHA1

    955e62a044997180da1cb7b443ce1ca36c06c9ea

  • SHA256

    3f92ebeaa6956e1d0dc7eaafaeb3bb3f0f61f34f9b33a9b6348b1f665747a593

  • SHA512

    22786733e004c8980162c57dccc44f44b60eaaf7f8c9d4cbe2ea7b7cf5d2e2fb0ea4059a7142c7315ce493266e64c883ea656c34228fe5f025c4bd92183a88f0

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3f92ebeaa6956e1d0dc7eaafaeb3bb3f0f61f34f9b33a9b6348b1f665747a593.exe
    "C:\Users\Admin\AppData\Local\Temp\3f92ebeaa6956e1d0dc7eaafaeb3bb3f0f61f34f9b33a9b6348b1f665747a593.exe"
    1⤵
      PID:1380

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1380-116-0x0000000002E10000-0x0000000002EBE000-memory.dmp
      Filesize

      696KB

      Download
    • memory/1380-117-0x0000000000400000-0x0000000002DB7000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/1380-118-0x0000000004BF0000-0x0000000004C0F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1380-120-0x00000000075A0000-0x00000000075A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-119-0x0000000004EC0000-0x0000000004EC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-122-0x0000000004EC3000-0x0000000004EC4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-121-0x0000000004EC2000-0x0000000004EC3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-123-0x0000000004EA0000-0x0000000004EBD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/1380-124-0x0000000007AA0000-0x0000000007AA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-125-0x0000000004F70000-0x0000000004F71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-126-0x00000000080B0000-0x00000000080B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-127-0x0000000004FE0000-0x0000000004FE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1380-128-0x0000000004EC4000-0x0000000004EC6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1380-129-0x00000000081C0000-0x00000000081C1000-memory.dmp
      Filesize

      4KB

      Download