Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    24-10-2021 02:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7edf5917c924adeaa5f5453b09b80c6b4d8242f9a447ac0662c109ddcb62642e.exe

  • Size

    410KB

  • MD5

    be4558e2ae5c11663468b3e057963ede

  • SHA1

    2500f713ff2eea31a149e758561f91b25245308d

  • SHA256

    7edf5917c924adeaa5f5453b09b80c6b4d8242f9a447ac0662c109ddcb62642e

  • SHA512

    88d48e40b873ef74766ac6fdb2c5074eb92a3ca41642773abba337ecda3f65162ea10ec057332e7a940651ddee9d02f1f07a6ec6172007548fd44673e7f555bc

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7edf5917c924adeaa5f5453b09b80c6b4d8242f9a447ac0662c109ddcb62642e.exe
    "C:\Users\Admin\AppData\Local\Temp\7edf5917c924adeaa5f5453b09b80c6b4d8242f9a447ac0662c109ddcb62642e.exe"
    1⤵
      PID:3756

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3756-115-0x0000000000A81000-0x0000000000AA4000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3756-117-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/3756-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/3756-118-0x0000000002860000-0x000000000287F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3756-119-0x0000000005170000-0x0000000005171000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-120-0x0000000002AC0000-0x0000000002ADD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3756-121-0x0000000005670000-0x0000000005671000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-122-0x0000000005160000-0x0000000005161000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-123-0x0000000005162000-0x0000000005163000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-124-0x0000000005163000-0x0000000005164000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-125-0x0000000004FD0000-0x0000000004FD1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-126-0x0000000004FF0000-0x0000000004FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-127-0x0000000005100000-0x0000000005101000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3756-128-0x0000000005164000-0x0000000005166000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3756-129-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download