redline | cbda156d628cd3a19206f6d73b8c9df069fffb4536be042bc402ea8ef1877d08 | Triage

Sharing

General

Target

cbda156d628cd3a19206f6d73b8c9df069fffb4536be042bc402ea8ef1877d08
Size

282KB
Sample

230608-gmlbmsdd2z
MD5

572fdd5ea9a06fa2b798c34bcf6206d5
SHA1

50af890e22057c4d7980003ce117bfb1bf8b7926
SHA256

cbda156d628cd3a19206f6d73b8c9df069fffb4536be042bc402ea8ef1877d08
SHA512

be6a776112f990ea1b84363e8cecca73594dfe1807615a368f5439bf0ffe4f138e4906af9e7466862c1f2b73b7d26e7d2e9b59e1c4599d5eadbe4cd4f816f936
SSDEEP

6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  cbda156d628cd3a19206f6d73b8c9df069fffb4536be042bc402ea8ef1877d08
- Size
  
  282KB
- MD5
  
  572fdd5ea9a06fa2b798c34bcf6206d5
- SHA1
  
  50af890e22057c4d7980003ce117bfb1bf8b7926
- SHA256
  
  cbda156d628cd3a19206f6d73b8c9df069fffb4536be042bc402ea8ef1877d08
- SHA512
  
  be6a776112f990ea1b84363e8cecca73594dfe1807615a368f5439bf0ffe4f138e4906af9e7466862c1f2b73b7d26e7d2e9b59e1c4599d5eadbe4cd4f816f936
- SSDEEP
  
  6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer