Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    21-10-2021 18:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9841b0aa351cff50be26f560961449d511438859ba68505d2b9051fb30de4c23.exe

  • Size

    336KB

  • MD5

    da0358c0e42224fbaa7d17f73a9fcb30

  • SHA1

    92919ba02c6a8eef7470d51d48d6bd7a1bc62082

  • SHA256

    9841b0aa351cff50be26f560961449d511438859ba68505d2b9051fb30de4c23

  • SHA512

    4d20b591129db63a9ea9e2b7df7d781b8ef382b63696cb17f2cd0dabb841e79e52e3ade9fd2432f89a3298ef3372f784d8fa4d9314f389810ebd56469bc93969

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9841b0aa351cff50be26f560961449d511438859ba68505d2b9051fb30de4c23.exe
    "C:\Users\Admin\AppData\Local\Temp\9841b0aa351cff50be26f560961449d511438859ba68505d2b9051fb30de4c23.exe"
    1⤵
      PID:4220

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4220-116-0x0000000004C70000-0x0000000004CA0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/4220-115-0x0000000004C40000-0x0000000004C62000-memory.dmp
      Filesize

      136KB

      Download
    • memory/4220-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/4220-118-0x0000000007540000-0x000000000755F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/4220-119-0x0000000007650000-0x0000000007651000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-120-0x00000000075B0000-0x00000000075CD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/4220-121-0x0000000007640000-0x0000000007641000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-122-0x0000000007642000-0x0000000007643000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-123-0x0000000007643000-0x0000000007644000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-124-0x0000000007B50000-0x0000000007B51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-125-0x00000000081A0000-0x00000000081A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-126-0x00000000081C0000-0x00000000081C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-127-0x00000000082D0000-0x00000000082D1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4220-128-0x0000000007644000-0x0000000007646000-memory.dmp
      Filesize

      8KB

      Download
    • memory/4220-129-0x0000000008340000-0x0000000008341000-memory.dmp
      Filesize

      4KB

      Download