RedLine,RedLine.A | 927e8668d7e5

Classifications

Spyware Downloader Injector Exploit

Threat Names

RedLine RedLine.A Mal/Generic-S

Dynamic Analysis Report

Created on 2024-06-24T16:43:17+00:00

Invoice LGMSCH0040924 Paid - EFT Remittance Advice and Receipt.doc

Word Document

Remarks (1/1)

Anti-Sleep Triggered (0x0200000E): The overall sleep time of all monitored processes was truncated from "5 minutes" to "10 seconds" to reveal dormant functionality.

General

1.03 MB total sent, 1.29 MB total received

3 ports: 7474, 443, 53

4 contacted IP addresses

0 URLs extracted

8 files downloaded

4 malicious hosts detected

DNS

120 Bytes sent, 242 Bytes received

2 queries for 2 domains

1 name server contacted

0 queries returned errors

HTTP/S

3.07 MB sent, 1.97 MB received

5 URLs, 3 contacted servers

5 sessions detected

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

Before

After

WHOIS Domain Information

Screenshot

Domain Name
WHOIS Response