Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • submitted
    23-05-2022 15:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bcc73a8a5f0be1a67a33a57fd81156df05597c69e26a5da18c1251ce300790c9.exe

  • Size

    379KB

  • MD5

    a82c12c76560f25c78fcff4522a54ac1

  • SHA1

    fe1fbab6dff71a23d8c53948dbf6574b4a8e6c49

  • SHA256

    bcc73a8a5f0be1a67a33a57fd81156df05597c69e26a5da18c1251ce300790c9

  • SHA512

    8e855fbc04b864f1d2ed42235ff26b4d7c530a994eceea55ac042202b714fd0621121b5e01320230638115cf2c685d10c9d23e2dc6b230da6bdf7451df8c43f9

Score
10/10
redlinetest1infostealer

Malware Config

Extracted

Family

redline

Botnet

test1

C2

185.215.113.75:80

Attributes
  • auth_value

    7ab4a4e2eae9eb7ae10f64f68df53bb3

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bcc73a8a5f0be1a67a33a57fd81156df05597c69e26a5da18c1251ce300790c9.exe
    "C:\Users\Admin\AppData\Local\Temp\bcc73a8a5f0be1a67a33a57fd81156df05597c69e26a5da18c1251ce300790c9.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2444-118-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-119-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-120-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-121-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-122-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-123-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-124-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-125-0x0000000000721000-0x000000000074B000-memory.dmp
    Filesize

    168KB

    Download
  • memory/2444-126-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-127-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-128-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-129-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-130-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-131-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-132-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-133-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-134-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-135-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-136-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-137-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-138-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-139-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-140-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-141-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-142-0x00000000005F0000-0x000000000073A000-memory.dmp
    Filesize

    1.3MB

    Download
  • memory/2444-143-0x0000000000910000-0x0000000000947000-memory.dmp
    Filesize

    220KB

    Download
  • memory/2444-144-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-145-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-146-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-147-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-148-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-149-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-150-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-151-0x0000000000400000-0x00000000004A4000-memory.dmp
    Filesize

    656KB

    Download
  • memory/2444-152-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-153-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-154-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-155-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-156-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-157-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-158-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-159-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-160-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-161-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-162-0x0000000002520000-0x0000000002550000-memory.dmp
    Filesize

    192KB

    Download
  • memory/2444-163-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-164-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-165-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-166-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-167-0x00000000049F0000-0x0000000004EEE000-memory.dmp
    Filesize

    5.0MB

    Download
  • memory/2444-168-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-169-0x0000000004F00000-0x0000000004F2E000-memory.dmp
    Filesize

    184KB

    Download
  • memory/2444-170-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-171-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-172-0x0000000004F50000-0x0000000005556000-memory.dmp
    Filesize

    6.0MB

    Download
  • memory/2444-173-0x00000000055F0000-0x0000000005602000-memory.dmp
    Filesize

    72KB

    Download
  • memory/2444-174-0x0000000005620000-0x000000000572A000-memory.dmp
    Filesize

    1.0MB

    Download
  • memory/2444-175-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-176-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-177-0x0000000005730000-0x000000000576E000-memory.dmp
    Filesize

    248KB

    Download
  • memory/2444-178-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-179-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-180-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-181-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-182-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-183-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-184-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-185-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-186-0x00000000057C0000-0x000000000580B000-memory.dmp
    Filesize

    300KB

    Download
  • memory/2444-187-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-188-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-189-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download
  • memory/2444-190-0x00000000774A0000-0x000000007762E000-memory.dmp
    Filesize

    1.6MB

    Download