Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    23-10-2021 09:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1df54c2cbfa5a5b1adfc3cc5dd7d284e65f0a7056b9862994bae81a68b08f592.exe

  • Size

    409KB

  • MD5

    095955cb1fc2e986a7db1a78a901c443

  • SHA1

    0b12a7d43ed8dbde991649f26a15512341422ec2

  • SHA256

    1df54c2cbfa5a5b1adfc3cc5dd7d284e65f0a7056b9862994bae81a68b08f592

  • SHA512

    2527819730a0882fe5c4624a083d75a315a793b4944d00eb0cb7b8a4f1ff9eba75fc83827a054edb8f79957026581f595d000d3052a273c59c195f98ef1424af

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1df54c2cbfa5a5b1adfc3cc5dd7d284e65f0a7056b9862994bae81a68b08f592.exe
    "C:\Users\Admin\AppData\Local\Temp\1df54c2cbfa5a5b1adfc3cc5dd7d284e65f0a7056b9862994bae81a68b08f592.exe"
    1⤵
      PID:3280

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3280-115-0x0000000000B36000-0x0000000000B59000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3280-116-0x00000000008A0000-0x00000000009EA000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/3280-117-0x0000000000400000-0x0000000000896000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/3280-118-0x0000000002700000-0x000000000271F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3280-119-0x0000000004E70000-0x0000000004E71000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-120-0x0000000004E80000-0x0000000004E81000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-121-0x0000000004DD0000-0x0000000004DED000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3280-122-0x0000000005990000-0x0000000005991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-123-0x0000000004E72000-0x0000000004E73000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-124-0x0000000004E73000-0x0000000004E74000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-125-0x0000000005380000-0x0000000005381000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-126-0x00000000053B0000-0x00000000053B1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-127-0x0000000004E74000-0x0000000004E76000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3280-128-0x00000000054C0000-0x00000000054C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3280-129-0x0000000005540000-0x0000000005541000-memory.dmp
      Filesize

      4KB

      Download