Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 13:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a688b6b2de462784eb63dd70e9b284a05dfae3d29aa83f0236dea492e83615fa.exe

  • Size

    407KB

  • MD5

    8d640f14045e0425f953ba996244908a

  • SHA1

    a7e86463c149fbebdd3e11659b01f6c2f5b7fc4b

  • SHA256

    a688b6b2de462784eb63dd70e9b284a05dfae3d29aa83f0236dea492e83615fa

  • SHA512

    d96851852c63793ff176db66543df7a7a464bdcf18a0faebd21f52c5963b79db944cf3b2d882c9e235fda781dc18fff49c8030095e5c8ee49393332c016dad9a

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a688b6b2de462784eb63dd70e9b284a05dfae3d29aa83f0236dea492e83615fa.exe
    "C:\Users\Admin\AppData\Local\Temp\a688b6b2de462784eb63dd70e9b284a05dfae3d29aa83f0236dea492e83615fa.exe"
    1⤵
      PID:2404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2404-116-0x0000000004C10000-0x0000000004C2F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2404-117-0x00000000075B0000-0x00000000075B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-118-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2404-120-0x00000000075A0000-0x00000000075A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-119-0x0000000000400000-0x0000000002DBC000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2404-121-0x00000000075A2000-0x00000000075A3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-122-0x00000000075A3000-0x00000000075A4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-123-0x0000000004D70000-0x0000000004D8D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2404-124-0x0000000007AB0000-0x0000000007AB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-125-0x0000000004F40000-0x0000000004F41000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-126-0x0000000007450000-0x0000000007451000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-127-0x0000000004F70000-0x0000000004F71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2404-128-0x00000000075A4000-0x00000000075A6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2404-129-0x00000000080C0000-0x00000000080C1000-memory.dmp
      Filesize

      4KB

      Download