Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    149s
  • max time network
    164s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-10-2021 15:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eacc572a4bddba8ad88306fdc7fa1ee92084ac55dd0b5c412c21bf6e66284d82.exe

  • Size

    337KB

  • MD5

    0faaabdc179917e53b3b8101d3ac5ea3

  • SHA1

    d530cbd094a30324760cf0acb7299e93d90c451c

  • SHA256

    eacc572a4bddba8ad88306fdc7fa1ee92084ac55dd0b5c412c21bf6e66284d82

  • SHA512

    157610f88a6d07eb42610cf4cb62f63651b37af2102cdc4658962dd0e13d11c0e2fb50e23f01df8f2066f8b8ca145206a959c8a211ad646bae607c7544125e38

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eacc572a4bddba8ad88306fdc7fa1ee92084ac55dd0b5c412c21bf6e66284d82.exe
    "C:\Users\Admin\AppData\Local\Temp\eacc572a4bddba8ad88306fdc7fa1ee92084ac55dd0b5c412c21bf6e66284d82.exe"
    1⤵
      PID:2832

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2832-116-0x00000000030D0000-0x0000000003100000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2832-115-0x00000000030A0000-0x00000000030C2000-memory.dmp
      Filesize

      136KB

      Download
    • memory/2832-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/2832-118-0x0000000004D40000-0x0000000004D5F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2832-119-0x00000000076E0000-0x00000000076E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-120-0x0000000005040000-0x000000000505D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2832-121-0x0000000007BE0000-0x0000000007BE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-123-0x00000000076D2000-0x00000000076D3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-122-0x00000000076D0000-0x00000000076D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-124-0x00000000076D3000-0x00000000076D4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-125-0x0000000007660000-0x0000000007661000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-126-0x00000000081F0000-0x00000000081F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-127-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-128-0x0000000008340000-0x0000000008341000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2832-129-0x00000000076D4000-0x00000000076D6000-memory.dmp
      Filesize

      8KB

      Download