Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    163s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 08:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bed5ac8839055d47bc3330d2df95699a6b1dfacc7c4d87199b674e445182136a.exe

  • Size

    405KB

  • MD5

    0f249adb648b5c1f343297ce3f24251d

  • SHA1

    be80b2c0b86d47090f9b6be0a13c2a8416d0a3f2

  • SHA256

    bed5ac8839055d47bc3330d2df95699a6b1dfacc7c4d87199b674e445182136a

  • SHA512

    4c9caccb25f0e487053dfdae49911f1a40e802971dee527714d82cdad4496c8f6e12a97501aff5d5b4dcb1a259be445d226b4825f57737b029ca34999e8b0455

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bed5ac8839055d47bc3330d2df95699a6b1dfacc7c4d87199b674e445182136a.exe
    "C:\Users\Admin\AppData\Local\Temp\bed5ac8839055d47bc3330d2df95699a6b1dfacc7c4d87199b674e445182136a.exe"
    1⤵
      PID:1828

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1828-116-0x0000000004B10000-0x0000000004B40000-memory.dmp
      Filesize

      192KB

      Download
    • memory/1828-117-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/1828-118-0x0000000004C30000-0x0000000004C4F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1828-119-0x0000000007440000-0x0000000007441000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-120-0x0000000007940000-0x000000000795D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/1828-121-0x0000000007960000-0x0000000007961000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-122-0x0000000007FF0000-0x0000000007FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-123-0x0000000008020000-0x0000000008021000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-124-0x0000000004C50000-0x0000000004C51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-125-0x0000000004C52000-0x0000000004C53000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-126-0x0000000004C54000-0x0000000004C56000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1828-127-0x0000000004C53000-0x0000000004C54000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-128-0x0000000008130000-0x0000000008131000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1828-129-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download