Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 03:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ff659704d925ac116d7d4072e87c5f82617d0bb8f291db59369b56ff3b7f768.exe

  • Size

    382KB

  • MD5

    9326403b08db7b7f095437db14a4de0f

  • SHA1

    49c832139ad8fb28ac9012c993a18f9a2ac777a2

  • SHA256

    2ff659704d925ac116d7d4072e87c5f82617d0bb8f291db59369b56ff3b7f768

  • SHA512

    d46303c26c4cb1b0b44b7ec9acb600d0cd924e62dacfade0fe5f699a222e0e7c36c2244586e07bc73a37ef57d2ebe4fabc70f3be671097d99a235dc26eb2475c

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2ff659704d925ac116d7d4072e87c5f82617d0bb8f291db59369b56ff3b7f768.exe
    "C:\Users\Admin\AppData\Local\Temp\2ff659704d925ac116d7d4072e87c5f82617d0bb8f291db59369b56ff3b7f768.exe"
    1⤵
      PID:2452

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2452-117-0x0000000000400000-0x0000000002DB7000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2452-116-0x0000000002F00000-0x000000000304A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/2452-118-0x0000000004AB0000-0x0000000004ACF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2452-119-0x00000000075E0000-0x00000000075E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-120-0x0000000004D30000-0x0000000004D4D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2452-121-0x0000000007AE0000-0x0000000007AE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-122-0x0000000004E30000-0x0000000004E31000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-123-0x0000000007430000-0x0000000007431000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-124-0x0000000004F70000-0x0000000004F71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-128-0x00000000075D4000-0x00000000075D6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2452-127-0x00000000075D3000-0x00000000075D4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-126-0x00000000075D2000-0x00000000075D3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-125-0x00000000075D0000-0x00000000075D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2452-129-0x0000000007550000-0x0000000007551000-memory.dmp
      Filesize

      4KB

      Download