Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    152s
  • max time network
    167s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    23-10-2021 02:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d04a3922af185381c262dd82b6ae807f47874b167485cf62df608de897b99696.exe

  • Size

    407KB

  • MD5

    0fe5032a929622dba26ddc9c07b33d0d

  • SHA1

    5a300136e8e3012c97761d9ead07dab6152f536e

  • SHA256

    d04a3922af185381c262dd82b6ae807f47874b167485cf62df608de897b99696

  • SHA512

    f4bf6a849e2744f3120d0842a99f7182485dd02e5d03c9d300b6e3c5d650f7b1ed1fb4f17825d2f1104178bc997bae49cf323fd5bea37d8bf2e09fc5eb61f2e0

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d04a3922af185381c262dd82b6ae807f47874b167485cf62df608de897b99696.exe
    "C:\Users\Admin\AppData\Local\Temp\d04a3922af185381c262dd82b6ae807f47874b167485cf62df608de897b99696.exe"
    1⤵
      PID:3564

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3564-118-0x0000000000B06000-0x0000000000B29000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3564-119-0x00000000028D0000-0x00000000028EF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3564-120-0x0000000004EF0000-0x0000000004EF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-122-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/3564-121-0x0000000000CF0000-0x0000000000D20000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3564-123-0x0000000004EE0000-0x0000000004EE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-125-0x0000000004EE3000-0x0000000004EE4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-124-0x0000000004EE2000-0x0000000004EE3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-126-0x0000000002A90000-0x0000000002AAD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3564-127-0x00000000053F0000-0x00000000053F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-128-0x0000000004E70000-0x0000000004E71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-129-0x0000000005A00000-0x0000000005A01000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-130-0x0000000004EE4000-0x0000000004EE6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3564-131-0x0000000004EA0000-0x0000000004EA1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3564-132-0x0000000005B50000-0x0000000005B51000-memory.dmp
      Filesize

      4KB

      Download