Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    22-10-2021 21:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e3b5fad4cc28e63a8e030d0f5460aece4cc840622bb21b4392d50f73a7bd826c.exe

  • Size

    407KB

  • MD5

    06b7bc518324964080dc864f3f545467

  • SHA1

    024ae9a47033b55d59f6a7743b60ff1f52f10703

  • SHA256

    e3b5fad4cc28e63a8e030d0f5460aece4cc840622bb21b4392d50f73a7bd826c

  • SHA512

    733cb4d5e47e2540101e1e9a887c0e8fdbbeb2aac9fe45e0d6c8d3ca93142fb05fa0e3d6627de4d77e8fe9e051b0406bcf918cf47127213401c8c9e81892f35d

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e3b5fad4cc28e63a8e030d0f5460aece4cc840622bb21b4392d50f73a7bd826c.exe
    "C:\Users\Admin\AppData\Local\Temp\e3b5fad4cc28e63a8e030d0f5460aece4cc840622bb21b4392d50f73a7bd826c.exe"
    1⤵
      PID:2756

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2756-117-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/2756-116-0x00000000008A0000-0x000000000094E000-memory.dmp
      Filesize

      696KB

      Download
    • memory/2756-118-0x0000000002660000-0x000000000267F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2756-120-0x0000000004F92000-0x0000000004F93000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-119-0x0000000004F90000-0x0000000004F91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-121-0x0000000004F93000-0x0000000004F94000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-122-0x0000000004FA0000-0x0000000004FA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-123-0x0000000002750000-0x000000000276D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2756-124-0x00000000054A0000-0x00000000054A1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-125-0x0000000002A20000-0x0000000002A21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-126-0x0000000005AB0000-0x0000000005AB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-127-0x0000000004ED0000-0x0000000004ED1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2756-128-0x0000000004F94000-0x0000000004F96000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2756-129-0x0000000004F20000-0x0000000004F21000-memory.dmp
      Filesize

      4KB

      Download