redline | afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c | Triage

Sharing

General

Target

afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
Size

282KB
Sample

230608-gn3bjsdd31
MD5

0ae5e9a65bd244ca9055c6cdbade1eb2
SHA1

5e89ecf2e9f2da6d39898152d9c698db7ce7bf58
SHA256

afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
SHA512

c29b0da2e0d222823906a7fc4833ab0f0b3b1bd914786a14db9c14cc9d80f79e303c45c7ba83b0af1bf01f4d9c62d0c687079eb334260fbe376439dd24162b4f
SSDEEP

6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
- Size
  
  282KB
- MD5
  
  0ae5e9a65bd244ca9055c6cdbade1eb2
- SHA1
  
  5e89ecf2e9f2da6d39898152d9c698db7ce7bf58
- SHA256
  
  afe074ab20579c7c8e287baa909f82b03d34afd9a8b6be2c8ee24f317f671d1c
- SHA512
  
  c29b0da2e0d222823906a7fc4833ab0f0b3b1bd914786a14db9c14cc9d80f79e303c45c7ba83b0af1bf01f4d9c62d0c687079eb334260fbe376439dd24162b4f
- SSDEEP
  
  6144:dQvoWvJu2CONwvTygXUNVS4MGh1aBFrvz1xcxcWhzrt:dUMnyR1aBFrvz1xcxdzrt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer