Overview

overview

10

Static

static

1

Sapphire-P...4.html

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Sapphire-Plugin-11-14

  • Size

    7KB

  • Sample

    240630-zkjn5sycjn

  • MD5

    c0b066adb78b2da46011ecd2da460d1c

  • SHA1

    6c85ac5a9b875c150adc781c5b2d193a92f06427

  • SHA256

    e08231f0ba793bc9446a90a21981cf311796a7f5191517ecccbb71a8c747a6b7

  • SHA512

    046df8d9876b7c9e3183fd8acd35f3c2b6efa8b0b08c7dc7f4610b4ee39a818bcc7de82dbb9562a8bb7aa5bb60f0e4a5cc8bc4c22242585eb83cd7bea8a3fd84

  • SSDEEP

    96:zsuWzrmrcZWZRfjmZ/LBbPJjeIJumKF95RZjieojwXZkKZnqPbAZ5:aqbZR7m5L1Jjeeu1hkrKZVZ5

Score
10/10
redlinebuild_6.18minfostealer

Malware Config

Extracted

Family

redline

Botnet

build_6.18m

C2

31.177.108.40:9564

Targets

    • Target

      Sapphire-Plugin-11-14

    • Size

      7KB

    • MD5

      c0b066adb78b2da46011ecd2da460d1c

    • SHA1

      6c85ac5a9b875c150adc781c5b2d193a92f06427

    • SHA256

      e08231f0ba793bc9446a90a21981cf311796a7f5191517ecccbb71a8c747a6b7

    • SHA512

      046df8d9876b7c9e3183fd8acd35f3c2b6efa8b0b08c7dc7f4610b4ee39a818bcc7de82dbb9562a8bb7aa5bb60f0e4a5cc8bc4c22242585eb83cd7bea8a3fd84

    • SSDEEP

      96:zsuWzrmrcZWZRfjmZ/LBbPJjeIJumKF95RZjieojwXZkKZnqPbAZ5:aqbZR7m5L1Jjeeu1hkrKZVZ5

    Score
    10/10
    redlinebuild_6.18minfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks