redline | 21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f | Triage

Sharing

General

Target

21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
Size

282KB
Sample

230608-gk34nscg59
MD5

37da12a4bb5985703c04b1397ed3c8c8
SHA1

64a245edb7b5a4ff35e0800b5f0d1168b2fbc520
SHA256

21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
SHA512

0677ca9608106910367e3cb65616173643305dd4a9a519689e904913ed79bf1437a4d6ca6d629d5c050327d86887c0770b5e91424526ed58d0ff2005d9174373
SSDEEP

6144:NQvoWvJ0y0qwvTygXUNVS4MGh1aBFrvz1xcxcWhwrt:NUZ8yR1aBFrvz1xcxdwrt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
- Size
  
  282KB
- MD5
  
  37da12a4bb5985703c04b1397ed3c8c8
- SHA1
  
  64a245edb7b5a4ff35e0800b5f0d1168b2fbc520
- SHA256
  
  21d3db4b58f136dc0ca8108cb22b6408936f125a559105b0a5154b6666b7a91f
- SHA512
  
  0677ca9608106910367e3cb65616173643305dd4a9a519689e904913ed79bf1437a4d6ca6d629d5c050327d86887c0770b5e91424526ed58d0ff2005d9174373
- SSDEEP
  
  6144:NQvoWvJ0y0qwvTygXUNVS4MGh1aBFrvz1xcxcWhwrt:NUZ8yR1aBFrvz1xcxdwrt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer