RedLine,RedLine.A | bd776414632d

Classifications

Exploit Spyware Downloader Injector

Threat Names

RedLine RedLine.A Mal/Generic-S Mal/HTMLGen-A

Dynamic Analysis Report

Created on 2024-06-26T13:39:36+00:00

bd776414632dd90a5d459f240e2094566e70554d86ecb4bbb2a2914015426f09.doc

Word Document

Remarks (1/1)

Anti-Sleep Triggered (0x0200000E): The overall sleep time of all monitored processes was truncated from "5 minutes" to "10 seconds" to reveal dormant functionality.

General

84.31 KB total sent, 1.61 MB total received

3 ports: 7474, 443, 53

4 contacted IP addresses

0 URLs extracted

8 files downloaded

4 malicious hosts detected

DNS

116 Bytes sent, 238 Bytes received

2 queries for 2 domains

1 name server contacted

0 queries returned errors

HTTP/S

237.12 KB sent, 2.18 MB received

5 URLs, 3 contacted servers

5 sessions detected

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting \"security.fileuri.strict_origin_policy\".

Before

After

WHOIS Domain Information

Screenshot

Domain Name
WHOIS Response