Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    22-10-2021 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ee7e7a86c80fb1433d4448f030bc33c3b72a97845e4b2642cc1e0a7b2f14dcd.exe

  • Size

    418KB

  • MD5

    6233f32c20a1b82831f9b80cb41db300

  • SHA1

    56612f59080149070df88a950b8c45e5e797eb78

  • SHA256

    5ee7e7a86c80fb1433d4448f030bc33c3b72a97845e4b2642cc1e0a7b2f14dcd

  • SHA512

    a1caa4f10fe29a2503ab779668e7741dc8352c79e2f6b01436db3d14e819cc9fb1958a5ed4c60fdc54d202160f97a0b58cf89de2997db0066bf0bec549b889bf

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ee7e7a86c80fb1433d4448f030bc33c3b72a97845e4b2642cc1e0a7b2f14dcd.exe
    "C:\Users\Admin\AppData\Local\Temp\5ee7e7a86c80fb1433d4448f030bc33c3b72a97845e4b2642cc1e0a7b2f14dcd.exe"
    1⤵
      PID:4216

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4216-115-0x0000000000B46000-0x0000000000B69000-memory.dmp
      Filesize

      140KB

      Download
    • memory/4216-116-0x00000000009B0000-0x00000000009E0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/4216-117-0x0000000000400000-0x0000000000898000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/4216-118-0x0000000002730000-0x000000000274F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/4216-120-0x0000000005042000-0x0000000005043000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-119-0x0000000005040000-0x0000000005041000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-121-0x0000000005043000-0x0000000005044000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-122-0x0000000005050000-0x0000000005051000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-123-0x00000000029F0000-0x0000000002A0D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/4216-124-0x0000000005550000-0x0000000005551000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-125-0x0000000004FD0000-0x0000000004FD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-126-0x0000000005B60000-0x0000000005B61000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-127-0x0000000005044000-0x0000000005046000-memory.dmp
      Filesize

      8KB

      Download
    • memory/4216-128-0x0000000004FF0000-0x0000000004FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4216-129-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download