Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    24-10-2021 05:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    de209d72d4dc594321c3e04ca9e195de4fce666edb49f449d34ea5e6a56a5caf.exe

  • Size

    409KB

  • MD5

    cc67214589285316fe34e0b410920a9e

  • SHA1

    0932585e1dd788a4aa29cf3e2e0763ba39796cd8

  • SHA256

    de209d72d4dc594321c3e04ca9e195de4fce666edb49f449d34ea5e6a56a5caf

  • SHA512

    d201e2d9d2bf0207cff523305acd1dd5ce6f60950b98c2a0c1efbb9b5da2c22cd495fe05415bb04901e4925a9efd9f81a58883f2c38cb7a1c63d5ac144320a51

Score
10/10
redlineudpinfostealer

Malware Config

Extracted

Family

redline

Botnet

UDP

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\de209d72d4dc594321c3e04ca9e195de4fce666edb49f449d34ea5e6a56a5caf.exe
    "C:\Users\Admin\AppData\Local\Temp\de209d72d4dc594321c3e04ca9e195de4fce666edb49f449d34ea5e6a56a5caf.exe"
    1⤵
      PID:784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/784-115-0x0000000000A91000-0x0000000000AB4000-memory.dmp
      Filesize

      140KB

      Download
    • memory/784-116-0x0000000002610000-0x000000000262F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/784-117-0x0000000005100000-0x0000000005101000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-118-0x0000000002890000-0x00000000028AD000-memory.dmp
      Filesize

      116KB

      Download
    • memory/784-119-0x0000000005600000-0x0000000005601000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-120-0x00000000001D0000-0x0000000000200000-memory.dmp
      Filesize

      192KB

      Download
    • memory/784-121-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/784-122-0x00000000050F0000-0x00000000050F1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-123-0x00000000050F2000-0x00000000050F3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-124-0x00000000050F3000-0x00000000050F4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-125-0x0000000004FB0000-0x0000000004FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-126-0x0000000004FE0000-0x0000000004FE1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-127-0x0000000005C10000-0x0000000005C11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-128-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download
    • memory/784-129-0x00000000050F4000-0x00000000050F6000-memory.dmp
      Filesize

      8KB

      Download