Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    161s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    20-10-2021 15:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1345fbd5153abe408c03f8a61bff550e8fc9de1b12b197f2e7913701226a3e61.exe

  • Size

    411KB

  • MD5

    1359b7832bd6e22bfca687db284e8f6c

  • SHA1

    f259a61ad76acd5f8e828e5b840c51fd346b574a

  • SHA256

    1345fbd5153abe408c03f8a61bff550e8fc9de1b12b197f2e7913701226a3e61

  • SHA512

    efa4b478e58026c3d9904c087f354df281adb31b03756e8b3688e9a82fa59490e7c8fd8b88bc1c4d4a82299e42df520db03940397dbad68c3761b2c2b7913916

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1345fbd5153abe408c03f8a61bff550e8fc9de1b12b197f2e7913701226a3e61.exe
    "C:\Users\Admin\AppData\Local\Temp\1345fbd5153abe408c03f8a61bff550e8fc9de1b12b197f2e7913701226a3e61.exe"
    1⤵
      PID:2072

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2072-116-0x0000000002EB0000-0x0000000002FFA000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/2072-117-0x0000000000400000-0x0000000002DBD000-memory.dmp
      Filesize

      41.7MB

      Download
    • memory/2072-118-0x0000000004D20000-0x0000000004D3F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2072-119-0x00000000075E0000-0x00000000075E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-120-0x0000000004DC0000-0x0000000004DDD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2072-121-0x0000000007AE0000-0x0000000007AE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-122-0x0000000004E90000-0x0000000004E91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-123-0x00000000080F0000-0x00000000080F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-124-0x0000000004E80000-0x0000000004E81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-125-0x0000000004E82000-0x0000000004E83000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-126-0x0000000004E83000-0x0000000004E84000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-127-0x0000000004E84000-0x0000000004E86000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2072-128-0x00000000050C0000-0x00000000050C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2072-129-0x0000000005140000-0x0000000005141000-memory.dmp
      Filesize

      4KB

      Download