redline | 8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0 | Triage

Submit
Reports

Overview

overview

Static

static

3

dridex

windows10-1703-x64

Analysis

max time kernel
133s
max time network
147s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
17/07/2023, 10:43

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0.exe

Resource

win10-20230703-en

redline kira infostealer

windows10-1703-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0.exe
Size

308KB
MD5

69acd4c60ce4a79e05faa8c6a3cce8b3
SHA1

38e06bb985b81bf25e6233a76bb19079e9e9e1c3
SHA256

8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0
SHA512

2759e64283caa2f2358cbcc2c9e3b64a1e9a147e04139171107e9fd3d7f0c215ababc4c7b2790353fa6dbfc82dd177c6edaedc84b766829004cb2a8b776c19d8
SSDEEP

3072:EK53W9huq4Ozz2SjiRa5welYpKYnrlzDZLX049hWa/dUBilHMOnwXQPq8Gxzn72u:H3W4UjiRCwz8mrsBilHn27RV

Score

10^/10

redline kira infostealer

Malware Config

Extracted

Family

redline

Botnet

kira

C2

77.91.68.48:19071

Attributes

auth_value
1677a40fd8997eb89377e1681911e9c6

Signatures

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
infostealer redline

Processes

C:\Users\Admin\AppData\Local\Temp\8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0.exe
"C:\Users\Admin\AppData\Local\Temp\8162a59eb5801d4e34207ee8a09077413e57f0766390090fd2a9f1857bb757c0.exe"
1⤵
PID:1632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1632-117-0x00000000001C0000-0x00000000001F0000-memory.dmp

Filesize
192KB

Download
memory/1632-121-0x00000000730D0000-0x00000000737BE000-memory.dmp

Filesize
6.9MB

Download
memory/1632-122-0x0000000004A50000-0x0000000004A56000-memory.dmp

Filesize
24KB

Download
memory/1632-123-0x0000000009E00000-0x000000000A406000-memory.dmp

Filesize
6.0MB

Download
memory/1632-124-0x000000000A4A0000-0x000000000A5AA000-memory.dmp

Filesize
1.0MB

Download
memory/1632-125-0x0000000004A70000-0x0000000004A80000-memory.dmp

Filesize
64KB

Download
memory/1632-126-0x000000000A5D0000-0x000000000A5E2000-memory.dmp

Filesize
72KB

Download
memory/1632-127-0x000000000A5F0000-0x000000000A62E000-memory.dmp

Filesize
248KB

Download
memory/1632-128-0x000000000A6A0000-0x000000000A6EB000-memory.dmp

Filesize
300KB

Download
memory/1632-129-0x00000000730D0000-0x00000000737BE000-memory.dmp

Filesize
6.9MB

Download
memory/1632-130-0x0000000004A70000-0x0000000004A80000-memory.dmp

Filesize
64KB

Download

© 2018-2025

Terms | Privacy