Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    134s
  • max time network
    157s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    22-10-2021 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    63b52acb6acfbc9b61d3ba817375dde21ae646b7543c538ddadbdfcf00ecf035.exe

  • Size

    385KB

  • MD5

    5e7cf73e6b4a69e03ebaa9a5bb944bde

  • SHA1

    ae20ca53b3d8b795faa34175310094e500247b2b

  • SHA256

    63b52acb6acfbc9b61d3ba817375dde21ae646b7543c538ddadbdfcf00ecf035

  • SHA512

    f848a403cfa9f86660f0e84b22e27bb45c056b6073cb497051573e447152dc0688cf310237ad0c68acc98740bc91d76ea5271ee61eb20fec89b23503f3b4bbd1

Score
10/10
redlinepaladininfostealer

Malware Config

Extracted

Family

redline

Botnet

paladin

C2

188.68.201.6:10085

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\63b52acb6acfbc9b61d3ba817375dde21ae646b7543c538ddadbdfcf00ecf035.exe
    "C:\Users\Admin\AppData\Local\Temp\63b52acb6acfbc9b61d3ba817375dde21ae646b7543c538ddadbdfcf00ecf035.exe"
    1⤵
      PID:760

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/760-116-0x0000000002720000-0x000000000274F000-memory.dmp
      Filesize

      188KB

      Download
    • memory/760-117-0x0000000004EE0000-0x0000000004EE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-118-0x0000000004E00000-0x0000000004E2E000-memory.dmp
      Filesize

      184KB

      Download
    • memory/760-119-0x00000000053E0000-0x00000000053E1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-120-0x0000000004EA0000-0x0000000004EA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-122-0x0000000000400000-0x0000000000890000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/760-121-0x00000000008D0000-0x0000000000914000-memory.dmp
      Filesize

      272KB

      Download
    • memory/760-123-0x0000000004ED0000-0x0000000004ED1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-124-0x0000000004ED2000-0x0000000004ED3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-126-0x00000000059F0000-0x00000000059F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-125-0x0000000004ED3000-0x0000000004ED4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-127-0x0000000005B40000-0x0000000005B41000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-128-0x0000000005B80000-0x0000000005B81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/760-129-0x0000000004ED4000-0x0000000004ED6000-memory.dmp
      Filesize

      8KB

      Download