Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    163s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 04:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c9e382aa05770fcfae20af145234097bf52469ac24555f6dbce8673fc04e6a5d.exe

  • Size

    382KB

  • MD5

    1d8ec00d7807550cc1e71a03579249d4

  • SHA1

    bac6617c68a1edb7d5c656e0fbe92bad6c02d3c8

  • SHA256

    c9e382aa05770fcfae20af145234097bf52469ac24555f6dbce8673fc04e6a5d

  • SHA512

    64f44c2d2818862675ade3d6b231e2ad823205649d5f9cf7fdaafe0621cee27b2a9a47d39dc7044f8711ddee2448e432dad2491675a9bf7997b472bbfb949fa0

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c9e382aa05770fcfae20af145234097bf52469ac24555f6dbce8673fc04e6a5d.exe
    "C:\Users\Admin\AppData\Local\Temp\c9e382aa05770fcfae20af145234097bf52469ac24555f6dbce8673fc04e6a5d.exe"
    1⤵
      PID:1892

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1892-115-0x0000000002F36000-0x0000000002F59000-memory.dmp

      Filesize

      140KB

      Download

    • memory/1892-116-0x00000000049C0000-0x00000000049F0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1892-117-0x0000000004B10000-0x0000000004B2F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1892-118-0x0000000007500000-0x0000000007501000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-119-0x0000000004B80000-0x0000000004B9D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/1892-120-0x0000000007A00000-0x0000000007A01000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-121-0x0000000004F40000-0x0000000004F41000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-122-0x0000000008010000-0x0000000008011000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-123-0x00000000073F0000-0x00000000073F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-124-0x0000000000400000-0x0000000002DB7000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/1892-126-0x00000000074F2000-0x00000000074F3000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-127-0x00000000074F3000-0x00000000074F4000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-125-0x00000000074F0000-0x00000000074F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1892-128-0x00000000074F4000-0x00000000074F6000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1892-129-0x0000000007440000-0x0000000007441000-memory.dmp

      Filesize

      4KB

      Download