Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    23-10-2021 23:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    49d7f47109dc2f8f8bf217383a4516e774d92e882eac944c4920235897294f32.exe

  • Size

    409KB

  • MD5

    06fd7c4e3629909afa6ae5b302cf6cd1

  • SHA1

    fd540258387bb5a74779ae747b667008bd660ce6

  • SHA256

    49d7f47109dc2f8f8bf217383a4516e774d92e882eac944c4920235897294f32

  • SHA512

    e38341086f4eb6f1228f50255c06c90c7689f60c1938c98da23e13a6cc14969bd059b6a03412d837c5c2c323522ff989831389a2e191e54b621c542a630c4d59

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\49d7f47109dc2f8f8bf217383a4516e774d92e882eac944c4920235897294f32.exe
    "C:\Users\Admin\AppData\Local\Temp\49d7f47109dc2f8f8bf217383a4516e774d92e882eac944c4920235897294f32.exe"
    1⤵
      PID:2648

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2648-115-0x0000000000C01000-0x0000000000C24000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2648-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2648-117-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/2648-118-0x0000000000E30000-0x0000000000E4F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2648-119-0x0000000005260000-0x0000000005261000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-120-0x0000000005250000-0x0000000005251000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-121-0x0000000005252000-0x0000000005253000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-122-0x0000000005253000-0x0000000005254000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-123-0x0000000002740000-0x000000000275D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2648-124-0x0000000005760000-0x0000000005761000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-125-0x0000000002840000-0x0000000002841000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-126-0x0000000005120000-0x0000000005121000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-127-0x0000000005254000-0x0000000005256000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2648-128-0x0000000002880000-0x0000000002881000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2648-129-0x0000000002B10000-0x0000000002B11000-memory.dmp
      Filesize

      4KB

      Download