RedLine,RedLine.A | 301fed97c01d

Classifications

Injector Exploit Downloader Spyware

Threat Names

RedLine RedLine.A Mal/Generic-S Mal/HTMLGen-A

Dynamic Analysis Report

Created on 2024-07-10T08:14:01+00:00

noto.rtf

RTF Document

Remarks (1/1)

Anti-Sleep Triggered (0x0200000E): The overall sleep time of all monitored processes was truncated from "5 minutes" to "10 seconds" to reveal dormant functionality.

General

1.39 MB total sent, 1.07 MB total received

3 ports: 47477, 443, 53

4 contacted IP addresses

0 URLs extracted

10 files downloaded

4 malicious hosts detected

DNS

110 Bytes sent, 232 Bytes received

2 queries for 2 domains

1 name server contacted

0 queries returned errors

HTTP/S

5.57 MB sent, 1.11 MB received

3 URLs, 3 contacted servers

3 sessions detected

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

Before

After

WHOIS Domain Information

Screenshot

Domain Name
WHOIS Response