redline | 36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789 | Triage

Submit
Reports

Overview

overview

Static

static

1

36dd56842e...89.exe

windows7-x64

36dd56842e...89.exe

windows10-2004-x64

Sharing

General

Target

36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789.exe
Size

261KB
Sample

250207-2av1ja1kfz
MD5

18fe1c5649e00e62870fc9b2c6fcf62a
SHA1

9048c912004fa26921681999c4e92109f96c9ede
SHA256

36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789
SHA512

9a5cb60f295a169ba7fccdf01c35b4a40b5303f8a2254a0eb0bcd1c02313c0267813289d9fe839540e6277dc848a170b149470123170051d4964ea0f651f5580
SSDEEP

3072:WJhg7bWY1OhGO1RyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/e:WvgOY1QqFaQ7W05AEezbMPZFzAy2yAj

Score

10^/10

redline sheron discovery infostealer

Static task

static1

Behavioral task

behavioral1

Sample

36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789.exe

Resource

win7-20241010-en

redline sheron discovery infostealer

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789.exe

Resource

win10v2004-20250207-en

redline sheron discovery infostealer

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

redline

Botnet

sheron

C2

83.97.73.129:19068

Attributes

auth_value
2d067e7e2372227d3a03b335260112e9

Targets

- Target
  
  36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789.exe
- Size
  
  261KB
- MD5
  
  18fe1c5649e00e62870fc9b2c6fcf62a
- SHA1
  
  9048c912004fa26921681999c4e92109f96c9ede
- SHA256
  
  36dd56842ecbb6d0150a648930e827371f0796e663b839d1ccfe184259e04789
- SHA512
  
  9a5cb60f295a169ba7fccdf01c35b4a40b5303f8a2254a0eb0bcd1c02313c0267813289d9fe839540e6277dc848a170b149470123170051d4964ea0f651f5580
- SSDEEP
  
  3072:WJhg7bWY1OhGO1RyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/e:WvgOY1QqFaQ7W05AEezbMPZFzAy2yAj
Score

10^/10

redline sheron discovery infostealer
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  infostealer redline
- RedLine payload
- Redline family
  redline
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

redlinesherondiscoveryinfostealer

behavioral2

redlinesherondiscoveryinfostealer

© 2018-2025

Terms | Privacy