Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Analysis

  • max time kernel
    143s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-07-2023 12:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc5d42ddf03e964cebc7cf6a86eef4cf88be29963e0a2d44255cb00a6a7d2d90.exe

  • Size

    492KB

  • MD5

    1cd5617dd6d8e8901ba98fe47c521803

  • SHA1

    3a388f81dfbb0c3468cb5250dadb72af73f526de

  • SHA256

    dc5d42ddf03e964cebc7cf6a86eef4cf88be29963e0a2d44255cb00a6a7d2d90

  • SHA512

    6b76471ca438334a7f96d0b288e88e1ba792f867020b0f811120a2dcf34f9a922fbb8aecf8eb488d9a1ec91a84cc0cc27e3b862f52c92445a96cdb6b60dbb9cc

  • SSDEEP

    6144:bi+4/rUF6xKLbpPW58+PrUwwDc9rA9RSfqozi5K4GGu7eg39iDfVtWGkkH2VXkwz:Ob/GNpODPr2o9zQK4U7WTVtWVkWPz

Score
10/10
redlinekirainfostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc5d42ddf03e964cebc7cf6a86eef4cf88be29963e0a2d44255cb00a6a7d2d90.exe
    "C:\Users\Admin\AppData\Local\Temp\dc5d42ddf03e964cebc7cf6a86eef4cf88be29963e0a2d44255cb00a6a7d2d90.exe"
    1⤵
      PID:2832

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2832-133-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/2832-134-0x00000000020C0000-0x000000000214C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/2832-140-0x00000000744A0000-0x0000000074C50000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2832-141-0x00000000020C0000-0x000000000214C000-memory.dmp

      Filesize

      560KB

      Download

    • memory/2832-142-0x0000000002570000-0x0000000002571000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2832-143-0x0000000005290000-0x00000000058A8000-memory.dmp

      Filesize

      6.1MB

      Download

    • memory/2832-144-0x0000000004C70000-0x0000000004D7A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/2832-145-0x0000000004C60000-0x0000000004C70000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2832-146-0x0000000004BF0000-0x0000000004C02000-memory.dmp

      Filesize

      72KB

      Download

    • memory/2832-147-0x0000000004C10000-0x0000000004C4C000-memory.dmp

      Filesize

      240KB

      Download

    • memory/2832-148-0x00000000744A0000-0x0000000074C50000-memory.dmp

      Filesize

      7.7MB

      Download

    • memory/2832-149-0x0000000004C60000-0x0000000004C70000-memory.dmp

      Filesize

      64KB

      Download