Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    162s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 06:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8af3b100608e02d836067f31f5f2a0c20d350dd68bf213cc267f669e60b9a592.exe

  • Size

    406KB

  • MD5

    3d03ba4d9fff31b43864ab15b575c523

  • SHA1

    8b0095bb422ba3161d9320cc83617672e8a22f50

  • SHA256

    8af3b100608e02d836067f31f5f2a0c20d350dd68bf213cc267f669e60b9a592

  • SHA512

    cc68fb5b5abccf2794aa3c69dc4f15696431dac7931fa2fdfe350ffaf6764abcda8e134567c0dffb9b0a5d43daa44bb0fd3337ab756d98ba388391e7ae1f515a

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8af3b100608e02d836067f31f5f2a0c20d350dd68bf213cc267f669e60b9a592.exe
    "C:\Users\Admin\AppData\Local\Temp\8af3b100608e02d836067f31f5f2a0c20d350dd68bf213cc267f669e60b9a592.exe"
    1⤵
      PID:2620

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2620-115-0x0000000003166000-0x0000000003189000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2620-116-0x00000000030F0000-0x0000000003120000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2620-117-0x0000000004AC0000-0x0000000004ADF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2620-118-0x00000000075C0000-0x00000000075C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-119-0x0000000004DD0000-0x0000000004DED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2620-120-0x0000000007AC0000-0x0000000007AC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-121-0x0000000004F30000-0x0000000004F31000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-122-0x0000000007400000-0x0000000007401000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-123-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2620-125-0x00000000075B2000-0x00000000075B3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-124-0x00000000075B0000-0x00000000075B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-126-0x00000000075B3000-0x00000000075B4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-127-0x00000000075B4000-0x00000000075B6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2620-128-0x0000000007510000-0x0000000007511000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2620-129-0x0000000007550000-0x0000000007551000-memory.dmp
      Filesize

      4KB

      Download