Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    133s
  • max time network
    149s
  • platform
    windows10-1703_x64
  • resource
    win10-20230703-en
  • resource tags

    arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
  • submitted
    20/07/2023, 12:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1fd6260f83b9812f9cef3a502bb974fe568f18abff11890c0d315abf253c2764.exe

  • Size

    308KB

  • MD5

    bd93673c0c4b44b79263c1c1c1e9f7f6

  • SHA1

    76e9a745fd7328a74bbcd9eca8b8624e95aebf6a

  • SHA256

    1fd6260f83b9812f9cef3a502bb974fe568f18abff11890c0d315abf253c2764

  • SHA512

    dc6d35216eea4c4f809313585bc627ff40e0d8f5b2617b18d3e152d0ac3cd55b935c8c03003a1e94c129e4d78dda40b8e57fd609bc38c801dd7171a00051ef56

  • SSDEEP

    3072:5JGXcVezz7EjiRKpwelYpKLUrlfKsLX049hWa/dUBilHMOnwXQPq8Gxzn729897X:mWhjiRiwzcErsBilHn27RV

Score
10/10
redlinekirainfostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes
  • auth_value

    1677a40fd8997eb89377e1681911e9c6

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline

Processes

  • C:\Users\Admin\AppData\Local\Temp\1fd6260f83b9812f9cef3a502bb974fe568f18abff11890c0d315abf253c2764.exe
    "C:\Users\Admin\AppData\Local\Temp\1fd6260f83b9812f9cef3a502bb974fe568f18abff11890c0d315abf253c2764.exe"
    1⤵
      PID:3112

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3112-120-0x00000000001C0000-0x00000000001F0000-memory.dmp

      Filesize

      192KB

      Download

    • memory/3112-124-0x0000000073370000-0x0000000073A5E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/3112-125-0x0000000002420000-0x0000000002426000-memory.dmp

      Filesize

      24KB

      Download

    • memory/3112-126-0x0000000004B80000-0x0000000005186000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/3112-127-0x00000000051C0000-0x00000000052CA000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/3112-128-0x0000000004930000-0x0000000004940000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3112-129-0x00000000052F0000-0x0000000005302000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3112-130-0x0000000005310000-0x000000000534E000-memory.dmp

      Filesize

      248KB

      Download

    • memory/3112-131-0x00000000053C0000-0x000000000540B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/3112-132-0x0000000073370000-0x0000000073A5E000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/3112-133-0x0000000004930000-0x0000000004940000-memory.dmp

      Filesize

      64KB

      Download