Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    152s
  • max time network
    156s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    20-10-2021 12:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    357b6db4c34e67faecb744af511e271f831f65ceb76e6416bcd4213056764ac0.exe

  • Size

    406KB

  • MD5

    9b2f29007903d63d02e508dda1465877

  • SHA1

    3c55b8b185728e86e51191a126282971f6119a39

  • SHA256

    357b6db4c34e67faecb744af511e271f831f65ceb76e6416bcd4213056764ac0

  • SHA512

    32d1bf02ae31002d8e73f2be1f97c3261dd924d3e19fd8af5e6280b7f0a397d90a98a8a5ddbe706c17beac7e249995a8382f10b68826073724bffb3780091663

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\357b6db4c34e67faecb744af511e271f831f65ceb76e6416bcd4213056764ac0.exe
    "C:\Users\Admin\AppData\Local\Temp\357b6db4c34e67faecb744af511e271f831f65ceb76e6416bcd4213056764ac0.exe"
    1⤵
      PID:3392

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3392-116-0x0000000002FA0000-0x0000000002FD0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3392-117-0x0000000000400000-0x0000000002DBC000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/3392-118-0x0000000004BE0000-0x0000000004BFF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3392-119-0x0000000007560000-0x0000000007561000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-120-0x0000000004CB0000-0x0000000004CCD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3392-121-0x0000000007550000-0x0000000007551000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-122-0x0000000007552000-0x0000000007553000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-123-0x0000000007553000-0x0000000007554000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-124-0x0000000007A60000-0x0000000007A61000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-125-0x00000000074D0000-0x00000000074D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-126-0x0000000008070000-0x0000000008071000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-127-0x0000000007500000-0x0000000007501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3392-128-0x0000000007554000-0x0000000007556000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3392-129-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download