Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 17:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    68065ee28d7a65bc443642e0a24da11467a6b366a5c50c1a02e63092fb89897e.exe

  • Size

    337KB

  • MD5

    691e2dcd636a76a514942e968366ee43

  • SHA1

    43232978574660dfe35f1194bb0c46b5ddef7206

  • SHA256

    68065ee28d7a65bc443642e0a24da11467a6b366a5c50c1a02e63092fb89897e

  • SHA512

    c356818986f2ce60a65bc91049f9c7c7a3ac96a04793ee3ec7e5b35bfb4cdadc8e11a3e65eafb5b72814086754e2b0a8ab630fa6e58577fe8b3dfc2a195e7016

Score
10/10
redlineutsinfostealer

Malware Config

Extracted

Family

redline

Botnet

UTS

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\68065ee28d7a65bc443642e0a24da11467a6b366a5c50c1a02e63092fb89897e.exe
    "C:\Users\Admin\AppData\Local\Temp\68065ee28d7a65bc443642e0a24da11467a6b366a5c50c1a02e63092fb89897e.exe"
    1⤵
      PID:2648

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2648-116-0x00000000031C0000-0x00000000031F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2648-115-0x0000000003080000-0x00000000030A2000-memory.dmp
      Filesize

      136KB

      Download
    • memory/2648-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/2648-118-0x0000000004D30000-0x0000000004D4F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2648-119-0x0000000007780000-0x0000000007781000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-120-0x0000000005140000-0x000000000515D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2648-122-0x0000000007772000-0x0000000007773000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-121-0x0000000007770000-0x0000000007771000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-123-0x0000000007773000-0x0000000007774000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-124-0x0000000007C80000-0x0000000007C81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-125-0x0000000007670000-0x0000000007671000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-126-0x0000000008290000-0x0000000008291000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-127-0x0000000007774000-0x0000000007776000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2648-128-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-129-0x0000000007710000-0x0000000007711000-memory.dmp
      Filesize

      4KB

      Download