Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 15:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9c3d73152f7158b6e4fbd689878b46770a2176cfb88f9e0cf767747796453097.exe

  • Size

    337KB

  • MD5

    abf56e40eea1b5a628907ce58513068c

  • SHA1

    897bbee7eb231fcd23d533fce1ecc1bfb5f66193

  • SHA256

    9c3d73152f7158b6e4fbd689878b46770a2176cfb88f9e0cf767747796453097

  • SHA512

    2cfc102301783c69f7cbcf6c59cc033bf4cabf228b7440b1fda80015a76b828c995f7ec8ed99e49095f1999ce3cd56dbb520277f691bf5c6eac2004d3345716a

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9c3d73152f7158b6e4fbd689878b46770a2176cfb88f9e0cf767747796453097.exe
    "C:\Users\Admin\AppData\Local\Temp\9c3d73152f7158b6e4fbd689878b46770a2176cfb88f9e0cf767747796453097.exe"
    1⤵
      PID:3760

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3760-115-0x0000000002F70000-0x0000000002F92000-memory.dmp
      Filesize

      136KB

      Download
    • memory/3760-116-0x0000000004B40000-0x0000000004B70000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3760-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/3760-118-0x0000000007510000-0x000000000752F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3760-119-0x00000000076C0000-0x00000000076C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-120-0x00000000076C2000-0x00000000076C3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-121-0x00000000076C3000-0x00000000076C4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-122-0x00000000076D0000-0x00000000076D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-123-0x00000000075B0000-0x00000000075CD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3760-124-0x0000000007BD0000-0x0000000007BD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-125-0x0000000007660000-0x0000000007661000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-126-0x00000000081E0000-0x00000000081E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-127-0x00000000082F0000-0x00000000082F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3760-128-0x00000000076C4000-0x00000000076C6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3760-129-0x0000000008340000-0x0000000008341000-memory.dmp
      Filesize

      4KB

      Download