Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    23-10-2021 12:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    653d6ce634e48983023bd93e7e057f56eadee08a64c527c760478d1264eeeb72.exe

  • Size

    409KB

  • MD5

    5c0538a967065c181d4ff0cf298f2da0

  • SHA1

    847be33b4c79bc30d7e39d154790b09842a1e95f

  • SHA256

    653d6ce634e48983023bd93e7e057f56eadee08a64c527c760478d1264eeeb72

  • SHA512

    ae6044e5135faa99bfff8c018dd1d77c87d2bc404fa057da19507e0b0a46306d9b06865ec923c5b5bcff106d898a4b923b66b775cf4ae41257b899b0f4858511

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\653d6ce634e48983023bd93e7e057f56eadee08a64c527c760478d1264eeeb72.exe
    "C:\Users\Admin\AppData\Local\Temp\653d6ce634e48983023bd93e7e057f56eadee08a64c527c760478d1264eeeb72.exe"
    1⤵
      PID:3028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3028-115-0x0000000000B31000-0x0000000000B54000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3028-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3028-117-0x0000000000400000-0x0000000000896000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/3028-118-0x0000000002730000-0x000000000274F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3028-119-0x0000000004DE0000-0x0000000004DE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-120-0x00000000052E0000-0x00000000052FD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3028-121-0x0000000005300000-0x0000000005301000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-122-0x0000000005990000-0x0000000005991000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-123-0x00000000059C0000-0x00000000059C1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-124-0x0000000005AD0000-0x0000000005AD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-125-0x0000000002750000-0x0000000002751000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-126-0x0000000002752000-0x0000000002753000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-127-0x0000000002753000-0x0000000002754000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3028-128-0x0000000002754000-0x0000000002756000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3028-129-0x0000000005B50000-0x0000000005B51000-memory.dmp
      Filesize

      4KB

      Download