Overview

overview

10

Static

static

dridex

windows10_x64

10

Resubmissions

20-10-2021 08:53

211020-ktqfqaggf6 10

Analysis

  • max time kernel
    147s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 08:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1bf56558ad6a3280c5e933cfbb62449ec26348277562387504d2a728e6754ca7.exe

  • Size

    406KB

  • MD5

    2a173977e3c6b2a1c8d8ad0fa8587d32

  • SHA1

    dd9e893a93f3a0eaef4db6acd4d11789d94d4dfb

  • SHA256

    1bf56558ad6a3280c5e933cfbb62449ec26348277562387504d2a728e6754ca7

  • SHA512

    7ce58fd41e8684a5f065115c73b40a3dd667bc0ec79c357b2457682d00f3e518277c4d26883d7071ee69804b06122ac78683c4f8c0af030dd744ab0513966ef9

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1bf56558ad6a3280c5e933cfbb62449ec26348277562387504d2a728e6754ca7.exe
    "C:\Users\Admin\AppData\Local\Temp\1bf56558ad6a3280c5e933cfbb62449ec26348277562387504d2a728e6754ca7.exe"
    1⤵
      PID:1812

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1812-115-0x00000000030E1000-0x0000000003104000-memory.dmp

      Filesize

      140KB

      Download

    • memory/1812-116-0x00000000001C0000-0x00000000001F0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/1812-117-0x0000000004B20000-0x0000000004B3F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/1812-118-0x00000000075C0000-0x00000000075C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-119-0x0000000004C20000-0x0000000004C3D000-memory.dmp

      Filesize

      116KB

      Download

    • memory/1812-120-0x0000000007AC0000-0x0000000007AC1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-121-0x0000000000400000-0x0000000002DBD000-memory.dmp

      Filesize

      41.7MB

      Download

    • memory/1812-122-0x0000000004E10000-0x0000000004E11000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-123-0x0000000004E12000-0x0000000004E13000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-124-0x0000000004E13000-0x0000000004E14000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-125-0x0000000004DE0000-0x0000000004DE1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-126-0x00000000080D0000-0x00000000080D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-127-0x0000000004E80000-0x0000000004E81000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-128-0x0000000004EF0000-0x0000000004EF1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1812-129-0x0000000004E14000-0x0000000004E16000-memory.dmp

      Filesize

      8KB

      Download