Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    147s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 22:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b46288840857373435488447f0fff55683148ec71ba54adbe9c42dbf7a1c34f2.exe

  • Size

    337KB

  • MD5

    59e0aa585fe5d4c7a90c49740e5e4c8e

  • SHA1

    a5db5401ec9d7a1f37decb4144afa025716d45fc

  • SHA256

    b46288840857373435488447f0fff55683148ec71ba54adbe9c42dbf7a1c34f2

  • SHA512

    8cda80572612ec35bf0bffc7af78172a3f72a084bee1c41beb97edb1a3beec98c139f3f8a8ec7446547d84252238df3310d90aab1f36e93d4fb1239228c42b4a

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b46288840857373435488447f0fff55683148ec71ba54adbe9c42dbf7a1c34f2.exe
    "C:\Users\Admin\AppData\Local\Temp\b46288840857373435488447f0fff55683148ec71ba54adbe9c42dbf7a1c34f2.exe"
    1⤵
      PID:4384

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4384-115-0x0000000004C70000-0x0000000004C93000-memory.dmp
      Filesize

      140KB

      Download
    • memory/4384-116-0x0000000004CA0000-0x0000000004CD0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/4384-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/4384-118-0x0000000004EE0000-0x0000000004EFF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/4384-119-0x00000000078B0000-0x00000000078B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-120-0x00000000078B2000-0x00000000078B3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-121-0x00000000078C0000-0x00000000078C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-122-0x0000000004F40000-0x0000000004F5D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/4384-123-0x0000000007DC0000-0x0000000007DC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-124-0x0000000005100000-0x0000000005101000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-125-0x00000000078B3000-0x00000000078B4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-126-0x0000000007760000-0x0000000007761000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-127-0x0000000005240000-0x0000000005241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4384-128-0x00000000078B4000-0x00000000078B6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/4384-129-0x00000000052C0000-0x00000000052C1000-memory.dmp
      Filesize

      4KB

      Download