Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 23:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b1eb494dd7287c7b596a58ed7195315432f78dc831bafa0947199b6298f5b896.exe

  • Size

    358KB

  • MD5

    5b43d70711c727a604d3c4514f8cb0c0

  • SHA1

    6dc576a2d811ca0f839aa5b281e507e996907bf3

  • SHA256

    b1eb494dd7287c7b596a58ed7195315432f78dc831bafa0947199b6298f5b896

  • SHA512

    e2eec48cc8c55c59a09521f77e22f4d1e4562da40ace6888806dfb079ba92fe8919c09d307bed6771ab9f2f288256d3b5a41a5c4c4fc1fd6f72fe7cccaed815f

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b1eb494dd7287c7b596a58ed7195315432f78dc831bafa0947199b6298f5b896.exe
    "C:\Users\Admin\AppData\Local\Temp\b1eb494dd7287c7b596a58ed7195315432f78dc831bafa0947199b6298f5b896.exe"
    1⤵
      PID:1272

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1272-115-0x0000000000AA1000-0x0000000000AC4000-memory.dmp
      Filesize

      140KB

      Download
    • memory/1272-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/1272-117-0x0000000000400000-0x0000000000889000-memory.dmp
      Filesize

      4.5MB

      Download
    • memory/1272-118-0x0000000000CF0000-0x0000000000D0F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1272-119-0x0000000005000000-0x0000000005001000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-120-0x0000000004F10000-0x0000000004F2D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/1272-121-0x0000000005B10000-0x0000000005B11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-123-0x0000000004FF2000-0x0000000004FF3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-124-0x0000000004FF3000-0x0000000004FF4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-122-0x0000000004FF0000-0x0000000004FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-125-0x0000000004FA0000-0x0000000004FA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-126-0x0000000005500000-0x0000000005501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-127-0x0000000005610000-0x0000000005611000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1272-128-0x0000000004FF4000-0x0000000004FF6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1272-129-0x0000000005670000-0x0000000005671000-memory.dmp
      Filesize

      4KB

      Download