Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    135s
  • max time network
    158s
  • platform
    windows10_x64
  • resource
    win10-en-20210920
  • submitted
    24-10-2021 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5196ef4b9226a4905ecb23f51e006ae1c51f7a4bebe8d1d32592ece31e4012b5.exe

  • Size

    409KB

  • MD5

    b95c9b4728ff1856fc5312613eb1b028

  • SHA1

    26142c26591c2c4a1e93a8cc9f88865c57019732

  • SHA256

    5196ef4b9226a4905ecb23f51e006ae1c51f7a4bebe8d1d32592ece31e4012b5

  • SHA512

    cb473a2901931b8215ec7c9a3b4410a852fca2f893a767c3aac0c80eed2b6e320f81f29fa77643fbd8ab7b0d8a768ceb1c97fbc9d1e65935591d43e4072f942f

Score
10/10
redlinepubinfostealer

Malware Config

Extracted

Family

redline

Botnet

PUB

C2

45.9.20.182:52236

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine Payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5196ef4b9226a4905ecb23f51e006ae1c51f7a4bebe8d1d32592ece31e4012b5.exe
    "C:\Users\Admin\AppData\Local\Temp\5196ef4b9226a4905ecb23f51e006ae1c51f7a4bebe8d1d32592ece31e4012b5.exe"
    1⤵
      PID:3632

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3632-115-0x0000000001241000-0x0000000001264000-memory.dmp
      Filesize

      140KB

      Download
    • memory/3632-116-0x0000000001040000-0x000000000118A000-memory.dmp
      Filesize

      1.3MB

      Download
    • memory/3632-117-0x0000000002E60000-0x0000000002E7F000-memory.dmp
      Filesize

      124KB

      Download
    • memory/3632-118-0x0000000005820000-0x0000000005821000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-119-0x0000000003260000-0x000000000327D000-memory.dmp
      Filesize

      116KB

      Download
    • memory/3632-120-0x0000000005D20000-0x0000000005D21000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-121-0x0000000005750000-0x0000000005751000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-122-0x0000000006330000-0x0000000006331000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-123-0x0000000005780000-0x0000000005781000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-124-0x0000000000400000-0x0000000001037000-memory.dmp
      Filesize

      12.2MB

      Download
    • memory/3632-125-0x0000000005810000-0x0000000005811000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-126-0x0000000005812000-0x0000000005813000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-127-0x0000000005813000-0x0000000005814000-memory.dmp
      Filesize

      4KB

      Download
    • memory/3632-128-0x0000000005814000-0x0000000005816000-memory.dmp
      Filesize

      8KB

      Download
    • memory/3632-129-0x0000000006440000-0x0000000006441000-memory.dmp
      Filesize

      4KB

      Download