redline | f7aad09f2f71e1c21101948e42f96b44093534e25de41407f0dd7661d9c2453d | Triage

Sharing

General

Target

f7aad09f2f71e1c21101948e42f96b44093534e25de41407f0dd7661d9c2453d
Size

262KB
Sample

230607-qs6n7sbb29
MD5

7b664cc4562485c91caf4cafede4f4fe
SHA1

61c85620a562e3e2e9f261ba430eb68bef75dd6c
SHA256

f7aad09f2f71e1c21101948e42f96b44093534e25de41407f0dd7661d9c2453d
SHA512

a7c4c3526394dee860c57cc5764715379e5c6e7b7c2c9886673c32df1033f190f0f2a0ec9c1e898567ae6dd7a55ad99f64ec2c03ba154710fa43edd7febb07b5
SSDEEP

3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  f7aad09f2f71e1c21101948e42f96b44093534e25de41407f0dd7661d9c2453d
- Size
  
  262KB
- MD5
  
  7b664cc4562485c91caf4cafede4f4fe
- SHA1
  
  61c85620a562e3e2e9f261ba430eb68bef75dd6c
- SHA256
  
  f7aad09f2f71e1c21101948e42f96b44093534e25de41407f0dd7661d9c2453d
- SHA512
  
  a7c4c3526394dee860c57cc5764715379e5c6e7b7c2c9886673c32df1033f190f0f2a0ec9c1e898567ae6dd7a55ad99f64ec2c03ba154710fa43edd7febb07b5
- SSDEEP
  
  3072:Ox/qx1OuyRyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:a/qx1aEFaQ7W05AEezbMPZFzAy2Sc
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer