Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    145s
  • max time network
    160s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    24-10-2021 00:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    588230aa59d845a76736e48fb032800cad423ceafaf2f217362e9dcdf719b444.exe

  • Size

    410KB

  • MD5

    fa4d623c6912e89e4d47ed142ea9ff2f

  • SHA1

    2208038e3a0110a13528795fa082db226bfd6c0e

  • SHA256

    588230aa59d845a76736e48fb032800cad423ceafaf2f217362e9dcdf719b444

  • SHA512

    2c2cd19bbbefbbe71a399dfa1ac48a3088e082ca47cec8136e58e4a70ddd600596a786006944d48c3c3b5060ef004fc0a776485578d6d036bab5c977868a961b

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\588230aa59d845a76736e48fb032800cad423ceafaf2f217362e9dcdf719b444.exe
    "C:\Users\Admin\AppData\Local\Temp\588230aa59d845a76736e48fb032800cad423ceafaf2f217362e9dcdf719b444.exe"
    1⤵
      PID:2892

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2892-115-0x0000000000C61000-0x0000000000C84000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2892-117-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/2892-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2892-118-0x0000000002630000-0x000000000264F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2892-119-0x0000000005170000-0x0000000005171000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-120-0x0000000002820000-0x000000000283D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2892-121-0x0000000005670000-0x0000000005671000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-122-0x0000000004FB0000-0x0000000004FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-125-0x0000000004FE0000-0x0000000004FE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-126-0x0000000005163000-0x0000000005164000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-124-0x0000000005162000-0x0000000005163000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-123-0x0000000005160000-0x0000000005161000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-127-0x00000000050F0000-0x00000000050F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-128-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2892-129-0x0000000005164000-0x0000000005166000-memory.dmp
      Filesize

      8KB

      Download