Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    161s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 08:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4815ba04175313458402711bd8a7ec56101f800501b1304b991ae92e787bc17d.exe

  • Size

    405KB

  • MD5

    b206f5f2b5392a615a11089900104c04

  • SHA1

    968a4ed1b8e71eb7b322a40cb6a27f433ebe1222

  • SHA256

    4815ba04175313458402711bd8a7ec56101f800501b1304b991ae92e787bc17d

  • SHA512

    b9f718463e8a8b2c049e1e6faabef6040f97e0b6758e47231e911b54dca1dec630efec7960d8424c50d4643bf72ae632506ae546d8b0ced95c882f92ed764929

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4815ba04175313458402711bd8a7ec56101f800501b1304b991ae92e787bc17d.exe
    "C:\Users\Admin\AppData\Local\Temp\4815ba04175313458402711bd8a7ec56101f800501b1304b991ae92e787bc17d.exe"
    1⤵
      PID:2176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2176-115-0x00000000031B6000-0x00000000031D9000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2176-117-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2176-116-0x0000000003100000-0x0000000003130000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2176-118-0x0000000004AC0000-0x0000000004ADF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2176-119-0x0000000007700000-0x0000000007701000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-120-0x0000000004BC0000-0x0000000004BDD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2176-121-0x0000000007C00000-0x0000000007C01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-122-0x0000000004E20000-0x0000000004E21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-123-0x0000000007520000-0x0000000007521000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-124-0x0000000004E50000-0x0000000004E51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-125-0x00000000076F0000-0x00000000076F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-126-0x00000000076F2000-0x00000000076F3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-128-0x00000000076F4000-0x00000000076F6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2176-127-0x00000000076F3000-0x00000000076F4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2176-129-0x0000000004EE0000-0x0000000004EE1000-memory.dmp
      Filesize

      4KB

      Download