redline | a361b600be28106a3703afe8136083709e7a589bcf62f388c541e402c15d7229 | Triage

Sharing

General

Target

a361b600be28106a3703afe8136083709e7a589bcf62f388c541e402c15d7229
Size

282KB
Sample

230608-gpe8eacg83
MD5

c936d7117689e4f0bbd7f1ed97f112b7
SHA1

a80f6fd3132d969343e8d5b6da0faa34edf996fe
SHA256

a361b600be28106a3703afe8136083709e7a589bcf62f388c541e402c15d7229
SHA512

3e65ba4520122650731117bea5325254b5593a4bc11c0824c7d330ab4af639fed99abf43b5c3076b996516b3af212c44082273a001b98f45c8a5232cac23ae70
SSDEEP

6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rtd:5UAIgyR1aBFrvz1xcxd0rtd

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  a361b600be28106a3703afe8136083709e7a589bcf62f388c541e402c15d7229
- Size
  
  282KB
- MD5
  
  c936d7117689e4f0bbd7f1ed97f112b7
- SHA1
  
  a80f6fd3132d969343e8d5b6da0faa34edf996fe
- SHA256
  
  a361b600be28106a3703afe8136083709e7a589bcf62f388c541e402c15d7229
- SHA512
  
  3e65ba4520122650731117bea5325254b5593a4bc11c0824c7d330ab4af639fed99abf43b5c3076b996516b3af212c44082273a001b98f45c8a5232cac23ae70
- SSDEEP
  
  6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rtd:5UAIgyR1aBFrvz1xcxd0rtd
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer