redline | 874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705 | Triage

Sharing

General

Target

874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
Size

282KB
Sample

230608-gl9ylscg65
MD5

2274be1d70152161c6a7d65517879c53
SHA1

f7dcb1bb89a129c37ad7edff5b2e403f62ca39cd
SHA256

874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
SHA512

9498895fdc58eb5e27c096cfa672fa2dbd268fabf151fecb605c413ba6adbe129ec063a2a13998dccc4d02162071475f8a770af04eca5a4190941035d66fa88d
SSDEEP

6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
- Size
  
  282KB
- MD5
  
  2274be1d70152161c6a7d65517879c53
- SHA1
  
  f7dcb1bb89a129c37ad7edff5b2e403f62ca39cd
- SHA256
  
  874b1b7cb15ffa53375ee68f02e3b44bcd2300b67232375a3acffb283f149705
- SHA512
  
  9498895fdc58eb5e27c096cfa672fa2dbd268fabf151fecb605c413ba6adbe129ec063a2a13998dccc4d02162071475f8a770af04eca5a4190941035d66fa88d
- SSDEEP
  
  6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer