redline | da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957 | Triage

Sharing

General

Target

da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
Size

282KB
Sample

230608-gqbllsdd41
MD5

f5aa6607a8c56b794edeaf8fbdbe6631
SHA1

52a0a7c544e10bdb5558c4aafa707b5dc8480f92
SHA256

da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
SHA512

1ea79081558256f62546ef16fdfe5c536183638b1858195aca72047a68c16edf2b06e9dccd1b7ab1c76394f2428a10b31d72bb00942193b957f10242328baef7
SSDEEP

6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
- Size
  
  282KB
- MD5
  
  f5aa6607a8c56b794edeaf8fbdbe6631
- SHA1
  
  52a0a7c544e10bdb5558c4aafa707b5dc8480f92
- SHA256
  
  da21399d32cbf0887aeab8dc772adb2f29b38fc1c64fcc4c3b9c89bc0a099957
- SHA512
  
  1ea79081558256f62546ef16fdfe5c536183638b1858195aca72047a68c16edf2b06e9dccd1b7ab1c76394f2428a10b31d72bb00942193b957f10242328baef7
- SSDEEP
  
  6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer