Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    133s
  • max time network
    150s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    18/07/2023, 18:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c618613b71da8f4e9057198b30bb771f957e2d28c26081cb8544fbfa9a2ac123.exe

  • Size

    308KB

  • MD5

    011b3f2410fc31e6d34e4f5d5969052c

  • SHA1

    b17ecc096036965772b8f7717b7aa6eedd086d2d

  • SHA256

    c618613b71da8f4e9057198b30bb771f957e2d28c26081cb8544fbfa9a2ac123

  • SHA512

    a4a21dfe7c36f3e6171a9201574b9e3240263108524cac0afa03ff45a8a8eb9d6fb07d6b48d6caa85f08ff16570816be2eb955ac208312c911fe48de1e04f5fa

  • SSDEEP

    3072:5JGXcVezz7EjiRKpwelYpKLUrlfKsLX049hWa/dUBilHMOnwXQPq8Gxzn729897X:mWhjiRiwzcErsBilHn27RV

Score
10/10
redlinekirainfostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\c618613b71da8f4e9057198b30bb771f957e2d28c26081cb8544fbfa9a2ac123.exe
    "C:\Users\Admin\AppData\Local\Temp\c618613b71da8f4e9057198b30bb771f957e2d28c26081cb8544fbfa9a2ac123.exe"
    1⤵
      PID:4916

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4916-117-0x00000000001C0000-0x00000000001F0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/4916-121-0x00000000736F0000-0x0000000073DDE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/4916-122-0x00000000023D0000-0x00000000023D6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/4916-123-0x0000000009F90000-0x000000000A596000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/4916-124-0x000000000A5E0000-0x000000000A6EA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/4916-125-0x0000000004C00000-0x0000000004C10000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4916-126-0x000000000A710000-0x000000000A722000-memory.dmp

      Filesize

      72KB

      Download

    • memory/4916-127-0x000000000A730000-0x000000000A76E000-memory.dmp

      Filesize

      248KB

      Download

    • memory/4916-128-0x000000000A7E0000-0x000000000A82B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/4916-129-0x00000000736F0000-0x0000000073DDE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/4916-130-0x0000000004C00000-0x0000000004C10000-memory.dmp

      Filesize

      64KB

      Download