Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    24-10-2021 05:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85173b22538738f2724322e4de98e42b3b72263023569acbb100f287ebf14567.exe

  • Size

    409KB

  • MD5

    ad694a3a5285634a455bb6620e93f011

  • SHA1

    f5b656f04df0759cc87c842cf814e5a69edab84f

  • SHA256

    85173b22538738f2724322e4de98e42b3b72263023569acbb100f287ebf14567

  • SHA512

    3e3c01ca16ca1543054b8b26e26998029d289ee01c57d832344297db947d8bcd9a110c0b38ddec0c0804109681b02da5898a1c26d1d5e6ee46c12f2f56da916e

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\85173b22538738f2724322e4de98e42b3b72263023569acbb100f287ebf14567.exe
    "C:\Users\Admin\AppData\Local\Temp\85173b22538738f2724322e4de98e42b3b72263023569acbb100f287ebf14567.exe"
    1⤵
      PID:2616

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2616-115-0x0000000000AB1000-0x0000000000AD4000-memory.dmp
      Filesize

      140KB

      Download
    • memory/2616-117-0x0000000000400000-0x0000000000895000-memory.dmp
      Filesize

      4.6MB

      Download
    • memory/2616-116-0x00000000001C0000-0x00000000001F0000-memory.dmp
      Filesize

      192KB

      Download
    • memory/2616-118-0x0000000004FF0000-0x0000000004FF1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-119-0x00000000027E0000-0x00000000027FF000-memory.dmp
      Filesize

      124KB

      Download
    • memory/2616-120-0x0000000005000000-0x0000000005001000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-121-0x0000000002A70000-0x0000000002A8D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/2616-122-0x0000000005500000-0x0000000005501000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-123-0x0000000004FB0000-0x0000000004FB1000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-124-0x0000000005B10000-0x0000000005B11000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-125-0x0000000005C20000-0x0000000005C21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-126-0x0000000004FF2000-0x0000000004FF3000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-127-0x0000000004FF3000-0x0000000004FF4000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2616-128-0x0000000004FF4000-0x0000000004FF6000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2616-129-0x0000000005C90000-0x0000000005C91000-memory.dmp
      Filesize

      4KB

      Download