redline | aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Analysis

max time kernel
135s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2023, 21:55

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe.exe

Resource

win10v2004-20230703-en

redline kira infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe.exe
Size

308KB
MD5

7a5e08473495c1dfc15f11373cfca649
SHA1

d21661908b7bc002fdb143cd059efe0ad6d941ef
SHA256

aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe
SHA512

e5ea40760fd89e496c92ead60b28b2e53d2e637f96c609c1fef27a759681d0b6116bf5dcff4908cb7df685c42153be2ba3b8875c821d113f05fa886fd65b11bb
SSDEEP

3072:6m2yoSBzzwgjiRrJwelYpKTqrlxOlLX049hWa/dUBilHMOnwXQPq8Gxzn729897X:zPrjiRVwzcprsBilHn27RV

Score

10^/10

redline kira infostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes

auth_value
1677a40fd8997eb89377e1681911e9c6

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe.exe
"C:\Users\Admin\AppData\Local\Temp\aa6cefc44c3ebe79abf93c4fcbe624693cac58949b990c474d86899e2332cdbe.exe"
1⤵
PID:3912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3912-133-0x00000000001C0000-0x00000000001F0000-memory.dmp

Filesize
192KB

Download
memory/3912-137-0x0000000074B00000-0x00000000752B0000-memory.dmp

Filesize
7.7MB

Download
memory/3912-138-0x0000000009FA0000-0x000000000A5B8000-memory.dmp

Filesize
6.1MB

Download
memory/3912-139-0x000000000A650000-0x000000000A75A000-memory.dmp

Filesize
1.0MB

Download
memory/3912-141-0x0000000004AC0000-0x0000000004AD0000-memory.dmp

Filesize
64KB

Download
memory/3912-140-0x000000000A790000-0x000000000A7A2000-memory.dmp

Filesize
72KB

Download
memory/3912-142-0x000000000A7B0000-0x000000000A7EC000-memory.dmp

Filesize
240KB

Download
memory/3912-143-0x0000000074B00000-0x00000000752B0000-memory.dmp

Filesize
7.7MB

Download
memory/3912-144-0x0000000004AC0000-0x0000000004AD0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy