redline | 983f6d0f1944d6875bc828fb8fb31408c5d3f3022c610d0fbcf367f66ad4bcb3 | Triage

Sharing

General

Target

983f6d0f1944d6875bc828fb8fb31408c5d3f3022c610d0fbcf367f66ad4bcb3
Size

282KB
Sample

230608-gmylzacg69
MD5

d37b35ef4f9a92c482b7353c304ebbb3
SHA1

7c392d2d135adc050802c99228a08aea2330ab96
SHA256

983f6d0f1944d6875bc828fb8fb31408c5d3f3022c610d0fbcf367f66ad4bcb3
SHA512

680f5612e8495ade8f6250ea98a4f8693dbce81bf8036075b55ef54d661f55a1b64dbca71186362c672c602d042969309af831ecad3f09015249f16d5ee80222
SSDEEP

6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  983f6d0f1944d6875bc828fb8fb31408c5d3f3022c610d0fbcf367f66ad4bcb3
- Size
  
  282KB
- MD5
  
  d37b35ef4f9a92c482b7353c304ebbb3
- SHA1
  
  7c392d2d135adc050802c99228a08aea2330ab96
- SHA256
  
  983f6d0f1944d6875bc828fb8fb31408c5d3f3022c610d0fbcf367f66ad4bcb3
- SHA512
  
  680f5612e8495ade8f6250ea98a4f8693dbce81bf8036075b55ef54d661f55a1b64dbca71186362c672c602d042969309af831ecad3f09015249f16d5ee80222
- SSDEEP
  
  6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer