redline | a154ef5e23ad52d7585d06f43193144de5a4f94a8bd1b32cc2432f48b985bfc1 | Triage

Sharing

General

Target

a154ef5e23ad52d7585d06f43193144de5a4f94a8bd1b32cc2432f48b985bfc1
Size

262KB
Sample

230607-qajfysag66
MD5

a7a98dcf71e1818587a9d6ecec42ff85
SHA1

4d146101e800c6055e6a8ab00dcb05faaef6b888
SHA256

a154ef5e23ad52d7585d06f43193144de5a4f94a8bd1b32cc2432f48b985bfc1
SHA512

8ca08f9cd018723770ddf536b8d4901112122096d37e826896dae59b83ed35ed628caf28461e2a2504027bd3b9bd011b553e87224fb7159c4c9bc97a8bc6949d
SSDEEP

3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  a154ef5e23ad52d7585d06f43193144de5a4f94a8bd1b32cc2432f48b985bfc1
- Size
  
  262KB
- MD5
  
  a7a98dcf71e1818587a9d6ecec42ff85
- SHA1
  
  4d146101e800c6055e6a8ab00dcb05faaef6b888
- SHA256
  
  a154ef5e23ad52d7585d06f43193144de5a4f94a8bd1b32cc2432f48b985bfc1
- SHA512
  
  8ca08f9cd018723770ddf536b8d4901112122096d37e826896dae59b83ed35ed628caf28461e2a2504027bd3b9bd011b553e87224fb7159c4c9bc97a8bc6949d
- SSDEEP
  
  3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer