redline | ba36ca0b0a36b9fbce7735961607a50f1759ee22c710020d1ea678c0eb380da2 | Triage

Sharing

General

Target

ba36ca0b0a36b9fbce7735961607a50f1759ee22c710020d1ea678c0eb380da2
Size

262KB
Sample

230607-qbk16sbc6y
MD5

a05c8ca3bbaadaee1390c312752c7c34
SHA1

6e8f2ca949ab32c7ff9f710f249277143b59207c
SHA256

ba36ca0b0a36b9fbce7735961607a50f1759ee22c710020d1ea678c0eb380da2
SHA512

d0920c74b549e89665629538d4cda2df3dbe00533eeff214af9eb011f3a98b219bec57fea2bf7773266350251eefaaff7a76e832d7e982165358d1b2bbe052c2
SSDEEP

3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  ba36ca0b0a36b9fbce7735961607a50f1759ee22c710020d1ea678c0eb380da2
- Size
  
  262KB
- MD5
  
  a05c8ca3bbaadaee1390c312752c7c34
- SHA1
  
  6e8f2ca949ab32c7ff9f710f249277143b59207c
- SHA256
  
  ba36ca0b0a36b9fbce7735961607a50f1759ee22c710020d1ea678c0eb380da2
- SHA512
  
  d0920c74b549e89665629538d4cda2df3dbe00533eeff214af9eb011f3a98b219bec57fea2bf7773266350251eefaaff7a76e832d7e982165358d1b2bbe052c2
- SSDEEP
  
  3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer