Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 13:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ede28b64dcb61bd426997a9507294be6185bb63ecbadc503046ac80dbc9e37dd.exe

  • Size

    337KB

  • MD5

    b21319e935e0784dad1348af0a1fbfea

  • SHA1

    0d76a71d98581f9696d3316a325edc9a247062c1

  • SHA256

    ede28b64dcb61bd426997a9507294be6185bb63ecbadc503046ac80dbc9e37dd

  • SHA512

    b579dceaeb604dd7c5e44856393997660b5fcfa4c8d37408755c47cbc9df8dd9fa53c5d2764f0ff299c5402e0685bdadf14f87fd89506cae4f5c825597466be5

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ede28b64dcb61bd426997a9507294be6185bb63ecbadc503046ac80dbc9e37dd.exe
    "C:\Users\Admin\AppData\Local\Temp\ede28b64dcb61bd426997a9507294be6185bb63ecbadc503046ac80dbc9e37dd.exe"
    1⤵
      PID:3488

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3488-116-0x0000000004C70000-0x0000000004CA0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3488-115-0x0000000004C40000-0x0000000004C62000-memory.dmp
      Filesize

      136KB

      Download
    • memory/3488-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/3488-118-0x0000000004D80000-0x0000000004D9F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3488-119-0x0000000007720000-0x0000000007721000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-120-0x0000000007730000-0x0000000007731000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-121-0x0000000004FA0000-0x0000000004FBD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3488-122-0x0000000007C30000-0x0000000007C31000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-123-0x0000000005220000-0x0000000005221000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-124-0x0000000007722000-0x0000000007723000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-126-0x0000000008240000-0x0000000008241000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-125-0x0000000007723000-0x0000000007724000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-127-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3488-128-0x0000000007724000-0x0000000007726000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3488-129-0x0000000008350000-0x0000000008351000-memory.dmp
      Filesize

      4KB

      Download