redline | e52fc744ec1d5985cfdcdaa9e192db26a6b1342688a7b5b5ecc3cb0f2b28d6bd | Triage

Sharing

General

Target

e52fc744ec1d5985cfdcdaa9e192db26a6b1342688a7b5b5ecc3cb0f2b28d6bd
Size

282KB
Sample

230608-gpx38add4x
MD5

f453083653f3e9e34ee9d7753ab76863
SHA1

6e0c23756dacdfbbffe1db3938f3e1752c32f23b
SHA256

e52fc744ec1d5985cfdcdaa9e192db26a6b1342688a7b5b5ecc3cb0f2b28d6bd
SHA512

0f6b3711ea92a40e4ab6263ace90eff15ae1f6804afc555a7d709f1539d83b67b86f84436827984e2044a3ff1e3602b6b51e7f7d6ad39ce4b71fd183a4e46632
SSDEEP

6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rtl:5UAIgyR1aBFrvz1xcxd0rtl

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  e52fc744ec1d5985cfdcdaa9e192db26a6b1342688a7b5b5ecc3cb0f2b28d6bd
- Size
  
  282KB
- MD5
  
  f453083653f3e9e34ee9d7753ab76863
- SHA1
  
  6e0c23756dacdfbbffe1db3938f3e1752c32f23b
- SHA256
  
  e52fc744ec1d5985cfdcdaa9e192db26a6b1342688a7b5b5ecc3cb0f2b28d6bd
- SHA512
  
  0f6b3711ea92a40e4ab6263ace90eff15ae1f6804afc555a7d709f1539d83b67b86f84436827984e2044a3ff1e3602b6b51e7f7d6ad39ce4b71fd183a4e46632
- SSDEEP
  
  6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rtl:5UAIgyR1aBFrvz1xcxd0rtl
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer