Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    159s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-10-2021 14:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    59e33e622b5d4c911cc9435bee18ca61c186eab28968e3e159f9e7e8fcd2db78.exe

  • Size

    337KB

  • MD5

    f6a94227ccad040bdd055084c33511b1

  • SHA1

    01e7b6ad03839481590ba74fefb3319a270a8976

  • SHA256

    59e33e622b5d4c911cc9435bee18ca61c186eab28968e3e159f9e7e8fcd2db78

  • SHA512

    3634a9dfe600b5d5ac5deee55a578b9092bd955114b19f68cd9b0ea23a528761877f64d15208f06a9c6711fc3b16038dc343c88fbdf21f659ff1fb0905587fd4

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\59e33e622b5d4c911cc9435bee18ca61c186eab28968e3e159f9e7e8fcd2db78.exe
    "C:\Users\Admin\AppData\Local\Temp\59e33e622b5d4c911cc9435bee18ca61c186eab28968e3e159f9e7e8fcd2db78.exe"
    1⤵
      PID:3496

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3496-115-0x0000000004CA0000-0x0000000004CBF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3496-116-0x0000000007610000-0x0000000007611000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-117-0x0000000004D70000-0x0000000004D8D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3496-118-0x0000000007B10000-0x0000000007B11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-119-0x0000000002F20000-0x000000000306A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/3496-121-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/3496-120-0x0000000004B40000-0x0000000004B70000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3496-122-0x0000000004F30000-0x0000000004F31000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-123-0x0000000007600000-0x0000000007601000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-125-0x0000000008120000-0x0000000008121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-126-0x0000000007603000-0x0000000007604000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-124-0x0000000007602000-0x0000000007603000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-127-0x0000000007550000-0x0000000007551000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3496-128-0x0000000007604000-0x0000000007606000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3496-129-0x0000000008230000-0x0000000008231000-memory.dmp
      Filesize

      4KB

      Download