Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    145s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 07:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    173a975a57ffbef1961c867bf6c35f8bb5fc800582ddd0e8fa69132bd0fb64d8.exe

  • Size

    405KB

  • MD5

    3f4a2c878bf992b030d8679c46fcc62e

  • SHA1

    f370544fe56979b01c2015a8d68e94ec840f874e

  • SHA256

    173a975a57ffbef1961c867bf6c35f8bb5fc800582ddd0e8fa69132bd0fb64d8

  • SHA512

    7db3744e1b637302cb7a4ac99977bfb047b986ed19cd05ed7eeeaec0ba7092f462d3ab5a73b734578345597b47625cef1c3f94ba1742f623d04c125a0385f6bc

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\173a975a57ffbef1961c867bf6c35f8bb5fc800582ddd0e8fa69132bd0fb64d8.exe
    "C:\Users\Admin\AppData\Local\Temp\173a975a57ffbef1961c867bf6c35f8bb5fc800582ddd0e8fa69132bd0fb64d8.exe"
    1⤵
      PID:2392

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2392-116-0x0000000002EF0000-0x000000000303A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/2392-117-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2392-118-0x0000000004CE0000-0x0000000004CFF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2392-119-0x0000000007600000-0x0000000007601000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-120-0x0000000004E90000-0x0000000004EAD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2392-121-0x0000000007B00000-0x0000000007B01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-122-0x00000000075F0000-0x00000000075F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-123-0x00000000075F2000-0x00000000075F3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-124-0x00000000075F3000-0x00000000075F4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-125-0x00000000074D0000-0x00000000074D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-126-0x0000000008110000-0x0000000008111000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-127-0x00000000075F4000-0x00000000075F6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2392-128-0x0000000007500000-0x0000000007501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2392-129-0x0000000007580000-0x0000000007581000-memory.dmp
      Filesize

      4KB

      Download