Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    146s
  • max time network
    161s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    22-10-2021 11:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6a4139755e090c0b9bb8fca15bc4df0411a59e41700bdb5c492829c3053ec7c2.exe

  • Size

    419KB

  • MD5

    312359d6206afc35f10b0813751081c0

  • SHA1

    291faf15b72a7d77f536a99ad083f6b8e73d5c30

  • SHA256

    6a4139755e090c0b9bb8fca15bc4df0411a59e41700bdb5c492829c3053ec7c2

  • SHA512

    81dc18b143e71a5f63147461aa586f2817c7fe70dba001cde9e293380475d1512f653034c064a3a44fd163db7011ce3206cc87cdb43a7ad1fc7b1d6422faa6ed

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6a4139755e090c0b9bb8fca15bc4df0411a59e41700bdb5c492829c3053ec7c2.exe
    "C:\Users\Admin\AppData\Local\Temp\6a4139755e090c0b9bb8fca15bc4df0411a59e41700bdb5c492829c3053ec7c2.exe"
    1⤵
      PID:3796

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3796-116-0x00000000008A0000-0x000000000094E000-memory.dmp
      Filesize

      696KB

      Download
    • memory/3796-117-0x0000000000400000-0x0000000000898000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/3796-118-0x0000000002630000-0x000000000264F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3796-119-0x0000000004FF0000-0x0000000004FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-120-0x0000000002990000-0x00000000029AD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3796-122-0x0000000002A12000-0x0000000002A13000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-121-0x0000000002A10000-0x0000000002A11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-123-0x0000000002A13000-0x0000000002A14000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-124-0x00000000054F0000-0x00000000054F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-125-0x0000000002B70000-0x0000000002B71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-126-0x0000000005B00000-0x0000000005B01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-127-0x0000000005C10000-0x0000000005C11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-128-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3796-129-0x0000000002A14000-0x0000000002A16000-memory.dmp
      Filesize

      8KB

      Download