redline | 783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Analysis

max time kernel
139s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2023, 07:16

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2.exe

Resource

win10v2004-20230703-en

redline kira infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2.exe
Size

493KB
MD5

28b67567d2ef3f717782704fabdb7c3a
SHA1

c4317c08f61c19b34cd3a697e98e8dbc4132b24c
SHA256

783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2
SHA512

d86e4257f9cbd5a2aead8151785ab5024226086b23c1f23a298202c1de766e6138e7c60dd3e50f36dfe5b240b77a5800ca3147c336b8c85d80a598b848c41ea5
SSDEEP

12288:OGwFCZ60I8d/DhBUAdGtFK42i/Wi52/k:OGCD8d/YAdAFK4bWi52/k

Score

10^/10

redline kira infostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes

auth_value
1677a40fd8997eb89377e1681911e9c6

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2.exe
"C:\Users\Admin\AppData\Local\Temp\783549f0bfc9fd844403b32996e24a16e0f95bc413c2e7e3b92bafc17cffdad2.exe"
1⤵
PID:1548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1548-134-0x0000000002090000-0x000000000211C000-memory.dmp

Filesize
560KB

Download
memory/1548-133-0x0000000000400000-0x0000000000480000-memory.dmp

Filesize
512KB

Download
memory/1548-140-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1548-141-0x0000000002090000-0x000000000211C000-memory.dmp

Filesize
560KB

Download
memory/1548-142-0x0000000006C70000-0x0000000006C71000-memory.dmp

Filesize
4KB

Download
memory/1548-143-0x000000000A690000-0x000000000ACA8000-memory.dmp

Filesize
6.1MB

Download
memory/1548-144-0x000000000A090000-0x000000000A19A000-memory.dmp

Filesize
1.0MB

Download
memory/1548-146-0x0000000006CF0000-0x0000000006D00000-memory.dmp

Filesize
64KB

Download
memory/1548-145-0x000000000A1C0000-0x000000000A1D2000-memory.dmp

Filesize
72KB

Download
memory/1548-147-0x000000000A1E0000-0x000000000A21C000-memory.dmp

Filesize
240KB

Download
memory/1548-148-0x0000000074430000-0x0000000074BE0000-memory.dmp

Filesize
7.7MB

Download
memory/1548-149-0x0000000006CF0000-0x0000000006D00000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy