Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    166s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 11:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c99bac2b46d96ff7b96dfb78c9e2c5d9c738761f76423530ab342467a4b91764.exe

  • Size

    405KB

  • MD5

    6ca035971998f3667fa743ed99cf1425

  • SHA1

    c6ced364d35ecc54c21ac105a4306d015829b9eb

  • SHA256

    c99bac2b46d96ff7b96dfb78c9e2c5d9c738761f76423530ab342467a4b91764

  • SHA512

    89a36939889bcb3cb47714433fc5a1a8b8873e4ee6ca32ccede21b10bdcc04fc620ac11a4c558690ac6d85f0216600148eb64a3f47b12eabf84751d87bc0e562

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c99bac2b46d96ff7b96dfb78c9e2c5d9c738761f76423530ab342467a4b91764.exe
    "C:\Users\Admin\AppData\Local\Temp\c99bac2b46d96ff7b96dfb78c9e2c5d9c738761f76423530ab342467a4b91764.exe"
    1⤵
      PID:3144

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3144-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3144-117-0x0000000004CC0000-0x0000000004CDF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3144-118-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-119-0x0000000004ED0000-0x0000000004EED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3144-120-0x0000000007B90000-0x0000000007B91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-121-0x0000000004F80000-0x0000000004F81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-122-0x0000000007500000-0x0000000007501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-124-0x0000000007680000-0x0000000007681000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-123-0x0000000000400000-0x0000000002DBC000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/3144-125-0x0000000007682000-0x0000000007683000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-126-0x0000000007683000-0x0000000007684000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-127-0x0000000007684000-0x0000000007686000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3144-128-0x0000000007610000-0x0000000007611000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3144-129-0x00000000081B0000-0x00000000081B1000-memory.dmp
      Filesize

      4KB

      Download