Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    152s
  • max time network
    155s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    21-10-2021 20:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a697e2651276e7c18f670abf0d8ed4a687cba62457b94aa075f594886d2c7de8.exe

  • Size

    337KB

  • MD5

    e358427dc9b0549841bea4450497358e

  • SHA1

    6d5debe3a517bbd7c24eab1e9a7515a026cca228

  • SHA256

    a697e2651276e7c18f670abf0d8ed4a687cba62457b94aa075f594886d2c7de8

  • SHA512

    1bc998be640e12913c5c981cd35bd3e91b0ea528f4e34f4585765f76be56a268b329021e801033267a8ae9b997cd889a3bc422a90314d0f9dfeef146fb5d653d

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a697e2651276e7c18f670abf0d8ed4a687cba62457b94aa075f594886d2c7de8.exe
    "C:\Users\Admin\AppData\Local\Temp\a697e2651276e7c18f670abf0d8ed4a687cba62457b94aa075f594886d2c7de8.exe"
    1⤵
      PID:1860

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1860-115-0x0000000004B30000-0x0000000004B53000-memory.dmp
      Filesize

      140KB

      Download
    • memory/1860-116-0x0000000004B60000-0x0000000004B90000-memory.dmp
      Filesize

      192KB

      Download
    • memory/1860-117-0x0000000000400000-0x0000000002F1B000-memory.dmp
      Filesize

      43.1MB

      Download
    • memory/1860-118-0x0000000004D10000-0x0000000004D2F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/1860-119-0x0000000007710000-0x0000000007711000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-120-0x0000000007712000-0x0000000007713000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-121-0x0000000007713000-0x0000000007714000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-122-0x0000000007720000-0x0000000007721000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-123-0x00000000075B0000-0x00000000075CD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/1860-124-0x0000000007C20000-0x0000000007C21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-125-0x0000000007660000-0x0000000007661000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-126-0x0000000008230000-0x0000000008231000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-127-0x0000000007690000-0x0000000007691000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-128-0x0000000008340000-0x0000000008341000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1860-129-0x0000000007714000-0x0000000007716000-memory.dmp
      Filesize

      8KB

      Download