Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    161s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 05:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f8ce27a43ccecaf677abb7501aae7d7bf9481081b14686a17ffb712816c1ed31.exe

  • Size

    405KB

  • MD5

    6a1e87ef2c814fe323050538c444ac37

  • SHA1

    5a9b06cd6278622f198d1acf48efef1b1dd812bb

  • SHA256

    f8ce27a43ccecaf677abb7501aae7d7bf9481081b14686a17ffb712816c1ed31

  • SHA512

    d8c89f4cdaff0887b55edf48a07dee056a1082ae450360fe85d88de1f1458a7856dadaa683075b73349c73a5a4c6764ee5a74396ec93a9ee26b02af7eb2bb778

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8ce27a43ccecaf677abb7501aae7d7bf9481081b14686a17ffb712816c1ed31.exe
    "C:\Users\Admin\AppData\Local\Temp\f8ce27a43ccecaf677abb7501aae7d7bf9481081b14686a17ffb712816c1ed31.exe"
    1⤵
      PID:2144

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2144-116-0x0000000004AE0000-0x0000000004B10000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2144-117-0x0000000004D10000-0x0000000004D2F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2144-118-0x0000000007520000-0x0000000007521000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-119-0x0000000004ED0000-0x0000000004EED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2144-120-0x0000000007A20000-0x0000000007A21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-121-0x00000000074D0000-0x00000000074D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-122-0x0000000008030000-0x0000000008031000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-123-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2144-124-0x0000000007510000-0x0000000007511000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-126-0x0000000007513000-0x0000000007514000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-125-0x0000000007512000-0x0000000007513000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-127-0x0000000008140000-0x0000000008141000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-128-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2144-129-0x0000000007514000-0x0000000007516000-memory.dmp
      Filesize

      8KB

      Download