redline | 80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Analysis

max time kernel
143s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17/07/2023, 01:11

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea.exe

Resource

win10v2004-20230703-en

redline kira infostealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea.exe
Size

308KB
MD5

eb7c85182e1a7f7c99fd2d76aa775eca
SHA1

3f8623e498aaa3bef86588c14c1175bb17b24429
SHA256

80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea
SHA512

24135b5e51d6aa73afc5a6cfeeb084c6dc0500709c6cee1b130171bef11ced2782c4ebda396fb5e6853fa45c5a85e723a8852abc3486805a1633fb9af6468861
SSDEEP

3072:IsZeP6ixzzLwjiR7ZwelYpKj/rlxPffoLX049hWa/dUBilHMOnwXQPq8Gxzn729k:7ZgKjiRVwz8nforsBilHn27RV

Score

10^/10

redline kira infostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes

auth_value
1677a40fd8997eb89377e1681911e9c6

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea.exe
"C:\Users\Admin\AppData\Local\Temp\80efe5f5ae79d74a4bc50afc395710ceee50b91785128504c1edf9d7172f78ea.exe"
1⤵
PID:828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/828-133-0x00000000001C0000-0x00000000001F0000-memory.dmp

Filesize
192KB

Download
memory/828-137-0x00000000747E0000-0x0000000074F90000-memory.dmp

Filesize
7.7MB

Download
memory/828-138-0x00000000052C0000-0x00000000058D8000-memory.dmp

Filesize
6.1MB

Download
memory/828-139-0x0000000004CA0000-0x0000000004DAA000-memory.dmp

Filesize
1.0MB

Download
memory/828-141-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download
memory/828-140-0x0000000004B30000-0x0000000004B42000-memory.dmp

Filesize
72KB

Download
memory/828-142-0x0000000004B50000-0x0000000004B8C000-memory.dmp

Filesize
240KB

Download
memory/828-143-0x00000000747E0000-0x0000000074F90000-memory.dmp

Filesize
7.7MB

Download
memory/828-144-0x0000000004B90000-0x0000000004BA0000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy