redline | 599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Analysis

max time kernel
162s
max time network
179s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
16/07/2023, 07:28

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f.exe

Resource

win10v2004-20230703-en

redline kira infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f.exe
Size

490KB
MD5

d1159a778d6b7b46202dc9b44f8bf783
SHA1

65dfda69d30c7a16bb2f2c30e60d5f2fe2410d36
SHA256

599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f
SHA512

c56363c9c3a66a16ca2390e35683089db1e26d212788bb705ad173312b42d4cccd15f8a42e7df9eb4d5b55fde6f67e3c8e012c9f66fda44aececae2afc4843ef
SSDEEP

12288:3u/FJCzJtTCVHXyqO6+ymK4aNueBN/YTF2baEIgvvWAdjvjDUlhiblk7jZsW:3uG3GHtKK4EueBN/YJ2baEIgvvWAdjv1

Score

10^/10

redline kira infostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes

auth_value
1677a40fd8997eb89377e1681911e9c6

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f.exe
"C:\Users\Admin\AppData\Local\Temp\599f18128f6f5e8143f0c2d0338041d023f4b572a3b1e7ef1cfb2deeea044e6f.exe"
1⤵
PID:3592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3592-133-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download
memory/3592-134-0x00000000005E0000-0x000000000066C000-memory.dmp

Filesize
560KB

Download
memory/3592-140-0x0000000074660000-0x0000000074E10000-memory.dmp

Filesize
7.7MB

Download
memory/3592-141-0x00000000005E0000-0x000000000066C000-memory.dmp

Filesize
560KB

Download
memory/3592-142-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/3592-143-0x00000000052C0000-0x00000000058D8000-memory.dmp

Filesize
6.1MB

Download
memory/3592-144-0x0000000004CA0000-0x0000000004DAA000-memory.dmp

Filesize
1.0MB

Download
memory/3592-145-0x0000000004BE0000-0x0000000004BF2000-memory.dmp

Filesize
72KB

Download
memory/3592-146-0x0000000004C90000-0x0000000004CA0000-memory.dmp

Filesize
64KB

Download
memory/3592-147-0x0000000004C00000-0x0000000004C3C000-memory.dmp

Filesize
240KB

Download
memory/3592-148-0x0000000074660000-0x0000000074E10000-memory.dmp

Filesize
7.7MB

Download
memory/3592-149-0x0000000004C90000-0x0000000004CA0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy