Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 23:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d17fc8881ecfdb14398066add4dc5da2cfdfa846ead0c68ebf0b99c04c5aa9c8.exe

  • Size

    385KB

  • MD5

    07e1bee12f4cd1c0f569a1835713c3de

  • SHA1

    fc45e415182ed209cf7973672435d45d8ed69a78

  • SHA256

    d17fc8881ecfdb14398066add4dc5da2cfdfa846ead0c68ebf0b99c04c5aa9c8

  • SHA512

    d5ea646467268971c9a28db991904bf3372cbaabbe529d32e56a7df5cd4e8182e3cfba60945cd176da038d607d0d00c0daf30c9b43645c1ab60d3798799df860

Score
10/10
redlinepaladininfostealer

Malware Config

Extracted

Family

redline

Botnet

paladin

C2

188.68.201.6:10085

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d17fc8881ecfdb14398066add4dc5da2cfdfa846ead0c68ebf0b99c04c5aa9c8.exe
    "C:\Users\Admin\AppData\Local\Temp\d17fc8881ecfdb14398066add4dc5da2cfdfa846ead0c68ebf0b99c04c5aa9c8.exe"
    1⤵
      PID:4396

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4396-115-0x0000000000C51000-0x0000000000C7B000-memory.dmp
      Filesize

      168KB

      Download
    • memory/4396-117-0x0000000000400000-0x0000000000890000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/4396-116-0x0000000000890000-0x00000000009DA000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/4396-118-0x0000000002710000-0x000000000273F000-memory.dmp
      Filesize

      188KB

      Download
    • memory/4396-119-0x0000000004FB0000-0x0000000004FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-121-0x0000000004FA2000-0x0000000004FA3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-120-0x0000000004FA0000-0x0000000004FA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-122-0x0000000004FA3000-0x0000000004FA4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-123-0x0000000002780000-0x00000000027AE000-memory.dmp
      Filesize

      184KB

      Download
    • memory/4396-124-0x00000000054B0000-0x00000000054B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-125-0x0000000002B50000-0x0000000002B51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-126-0x0000000005AC0000-0x0000000005AC1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-127-0x0000000004FA4000-0x0000000004FA6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/4396-128-0x0000000004ED0000-0x0000000004ED1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4396-129-0x0000000004F50000-0x0000000004F51000-memory.dmp
      Filesize

      4KB

      Download