redline | cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559 | Triage

Sharing

General

Target

cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
Size

282KB
Sample

230608-gqrb3acg92
MD5

543592305a9b8cc484478d78f10476e7
SHA1

af9fe29fa22c158632331f8fce870ae54dc46aab
SHA256

cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
SHA512

64c489ebb7508b5f219a841670f47178d6254dda08d0cab75ca1d7b32bb4c51c17aa08bf0de97cf48f5c2b10f095d3f65797761192038455af7131bf276d1d54
SSDEEP

6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt

Score

10^/10

redline sheron infostealer

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
- Size
  
  282KB
- MD5
  
  543592305a9b8cc484478d78f10476e7
- SHA1
  
  af9fe29fa22c158632331f8fce870ae54dc46aab
- SHA256
  
  cb1b47fd2872bac1b51e222931e4cce652be24707aed6c2c725e36648d663559
- SHA512
  
  64c489ebb7508b5f219a841670f47178d6254dda08d0cab75ca1d7b32bb4c51c17aa08bf0de97cf48f5c2b10f095d3f65797761192038455af7131bf276d1d54
- SSDEEP
  
  6144:5QvoWvJqybt1wvTygXUNVS4MGh1aBFrvz1xcxcWh0rt:5UAIgyR1aBFrvz1xcxd0rt
Score

10^/10

redline sheron infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

redlinesheroninfostealer