Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    133s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14-07-2023 13:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    39cca3bb9eb2938c700413aa227305dcae592120849ffc632f5c33616752ed25.exe

  • Size

    489KB

  • MD5

    1d3c0f6af7dc16e1b5a0f5c35ede9ed3

  • SHA1

    89a8a39b554e0b958a62222c7d01ab2bf620a5dc

  • SHA256

    39cca3bb9eb2938c700413aa227305dcae592120849ffc632f5c33616752ed25

  • SHA512

    c43e7e8b22f638fbcb2312268959317cce0e6d5aec16c47f348fd9c0067b7a423b2dd33bcdec5fe05d252b4ae61c142f80a9c705b2d4087ae5cd98bf5118b485

  • SSDEEP

    6144:eDfXukb0FqxaKYRa2eVIRXAQugvUQjqATyIK4Vy824P4k0+Rint470cd45bmqK:EfXukWTR9emFAdFxIK4Vz24TlYtc0Pc

Score
10/10
redlinekirainfostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\39cca3bb9eb2938c700413aa227305dcae592120849ffc632f5c33616752ed25.exe
    "C:\Users\Admin\AppData\Local\Temp\39cca3bb9eb2938c700413aa227305dcae592120849ffc632f5c33616752ed25.exe"
    1⤵
      PID:3720

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3720-121-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3720-122-0x00000000005C0000-0x000000000064C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/3720-128-0x0000000073560000-0x0000000073C4E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/3720-129-0x00000000005C0000-0x000000000064C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/3720-130-0x0000000006C50000-0x0000000006C51000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3720-131-0x0000000004660000-0x0000000004666000-memory.dmp

      Filesize

      24KB

      Download

    • memory/3720-132-0x0000000006D80000-0x0000000007386000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/3720-133-0x0000000007390000-0x000000000749A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/3720-135-0x0000000006D70000-0x0000000006D80000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3720-134-0x0000000006B70000-0x0000000006B82000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3720-136-0x0000000006B90000-0x0000000006BCE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/3720-137-0x00000000074A0000-0x00000000074EB000-memory.dmp

      Filesize

      300KB

      Download

    • memory/3720-138-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3720-139-0x0000000073560000-0x0000000073C4E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/3720-140-0x0000000006D70000-0x0000000006D80000-memory.dmp

      Filesize

      64KB

      Download