Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    164s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-10-2021 10:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    718ce24f2b6842aa43c9a9effa255e2a699e7473f5f9205ebd8ce8c88dfb7499.exe

  • Size

    337KB

  • MD5

    7fc214e0c3615bf55abbda4dd11226e6

  • SHA1

    a08dbf988a743623dd84f83b2e93673e4748d33f

  • SHA256

    718ce24f2b6842aa43c9a9effa255e2a699e7473f5f9205ebd8ce8c88dfb7499

  • SHA512

    1b64ca99c2e573767e990cb4ed58780bec3db21f1684ca8a3b54db88cab5fd327e05646e8cea364bae57a8113f3adc5d604e02c2bc7528fcb08d71c9534e4f4f

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\718ce24f2b6842aa43c9a9effa255e2a699e7473f5f9205ebd8ce8c88dfb7499.exe
    "C:\Users\Admin\AppData\Local\Temp\718ce24f2b6842aa43c9a9effa255e2a699e7473f5f9205ebd8ce8c88dfb7499.exe"
    1⤵
      PID:3824

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3824-115-0x0000000003190000-0x00000000031B2000-memory.dmp
      Filesize

      136KB

      Download
    • memory/3824-116-0x00000000031C0000-0x00000000031F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3824-117-0x0000000004EB0000-0x0000000004ECF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3824-118-0x0000000007770000-0x0000000007771000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-119-0x00000000050D0000-0x00000000050ED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3824-120-0x0000000007C70000-0x0000000007C71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-121-0x0000000007660000-0x0000000007661000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-122-0x0000000008280000-0x0000000008281000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-123-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/3824-124-0x0000000007760000-0x0000000007761000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-125-0x0000000007762000-0x0000000007763000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-126-0x0000000007763000-0x0000000007764000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-127-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-128-0x0000000007710000-0x0000000007711000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3824-129-0x0000000007764000-0x0000000007766000-memory.dmp
      Filesize

      8KB

      Download