Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    145s
  • max time network
    160s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    22-10-2021 09:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b9d13ec3e0bc65e6efe7633b50cd0b510852da83a51ff7241291e7e06d1fd99.exe

  • Size

    358KB

  • MD5

    82b32a6b7f59b6d418eb068cd6ddd663

  • SHA1

    8a5f58c88129d85fccbd4309117e3a7219e3b317

  • SHA256

    3b9d13ec3e0bc65e6efe7633b50cd0b510852da83a51ff7241291e7e06d1fd99

  • SHA512

    4e85dae81eae3622ee5c58550462531bc1c1b378e44cafb686ead2e8e26d16f0a88d47f3417f6a28f7e21b9307543bdcb70c5e90645e983a799cf29527d4efa3

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b9d13ec3e0bc65e6efe7633b50cd0b510852da83a51ff7241291e7e06d1fd99.exe
    "C:\Users\Admin\AppData\Local\Temp\3b9d13ec3e0bc65e6efe7633b50cd0b510852da83a51ff7241291e7e06d1fd99.exe"
    1⤵
      PID:3116

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3116-116-0x0000000000B56000-0x0000000000B79000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3116-118-0x0000000000400000-0x0000000000889000-memory.dmp
      Filesize

      4.5MB

      Download
    • memory/3116-117-0x0000000000AE0000-0x0000000000B10000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3116-119-0x00000000026C0000-0x00000000026DF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3116-120-0x0000000005020000-0x0000000005021000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-121-0x0000000002820000-0x000000000283D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3116-122-0x0000000005520000-0x0000000005521000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-123-0x0000000004E60000-0x0000000004E61000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-124-0x0000000004E90000-0x0000000004E91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-125-0x0000000005010000-0x0000000005011000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-126-0x0000000005012000-0x0000000005013000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-127-0x0000000005013000-0x0000000005014000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-128-0x0000000005014000-0x0000000005016000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3116-129-0x0000000004FA0000-0x0000000004FA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3116-130-0x0000000005B40000-0x0000000005B41000-memory.dmp
      Filesize

      4KB

      Download