redline | 50105cdc774b5424266296fd3bc065409b65dc3853dc1603ed4bb24c177b1266 | Triage

Sharing

General

Target

50105cdc774b5424266296fd3bc065409b65dc3853dc1603ed4bb24c177b1266
Size

282KB
Sample

230608-gq3p4acg94
MD5

fd1b97d14b97a69d71e1c6dd11c2d725
SHA1

ecab6740abafbc53ba6da0236ef15bb8093b5a2b
SHA256

50105cdc774b5424266296fd3bc065409b65dc3853dc1603ed4bb24c177b1266
SHA512

9b090243230225c2d7ce6d0c28e070819d52b21129cbfe8e6378358e873d407ecd8a2939929171db0ec46a73c4762b9ac680c0df225f5df9e5f617dfdf55e626
SSDEEP

6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  50105cdc774b5424266296fd3bc065409b65dc3853dc1603ed4bb24c177b1266
- Size
  
  282KB
- MD5
  
  fd1b97d14b97a69d71e1c6dd11c2d725
- SHA1
  
  ecab6740abafbc53ba6da0236ef15bb8093b5a2b
- SHA256
  
  50105cdc774b5424266296fd3bc065409b65dc3853dc1603ed4bb24c177b1266
- SHA512
  
  9b090243230225c2d7ce6d0c28e070819d52b21129cbfe8e6378358e873d407ecd8a2939929171db0ec46a73c4762b9ac680c0df225f5df9e5f617dfdf55e626
- SSDEEP
  
  6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer