Investigation of malware redline stealer using static and dynamic analysis method forensic
Redline Stealer is a malware variant discovered in early March 2020 by proof point analyst. Redline is famous for its ability to bypass the antivirus scan. Redline Stealer was created by hacker with the purpose to steal victim's information such as login data, password and credit card informati...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Semarak Ilmu Publishing
2025
|
| Online Access: | http://eprints.utem.edu.my/id/eprint/28117/2/0101723082024104132.pdf http://eprints.utem.edu.my/id/eprint/28117/ https://semarakilmu.com.my/journals/index.php/applied_sciences_eng_tech/article/view/5764/5387 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Redline Stealer is a malware variant discovered in early March 2020 by proof point analyst. Redline is famous for its ability to bypass the antivirus scan. Redline Stealer was created by hacker with the purpose to steal victim's information such as login data, password and credit card information from the browser application that used in infected computer. This research uses static and dynamic methods to analyze redline stealers. The process of static analysis is carried out by observing the malware's sample file, while dynamic analysis is carried out by monitoring malware's activity when the malware is running on the system. This research show that Redline Stealer uses the obfuscation feature based on .net, which can run only when there is an internet connection, stealing sensitive information, especially in a browser application. The conclusion of this research is Redline Stealer can be classified as a stealer malware that can steal important data on the infected system. The result of the analysis using the strings extract and decompile did not find any information because this malware uses the obfuscation feature, so the static analysis did find fewer information than the dynamic method. |
|---|