Investigation of malware redline stealer using static and dynamic analysis method forensic

Redline Stealer is a malware family first reported in early March 2020 by a Proofpoint analyst. It is known for its ability to evade antivirus scanning. Redline Stealer was written to steal victims' information, such as login data, passwords and credit card details, from the browsers installed on an infected computer. This research analyzes Redline Stealer with both static and dynamic methods: static analysis examines the malware sample file itself, while dynamic analysis monitors the malware's activity while it runs on the system. The results show that Redline Stealer uses .NET-based obfuscation, runs only when an internet connection is available, and steals sensitive information, particularly from browser applications. The conclusion is that Redline Stealer can be classified as stealer malware capable of stealing important data from the infected system. Strings extraction and decompilation yielded no useful information because the sample is obfuscated, so static analysis produced less information than the dynamic method.
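The abstract describes the static pass (inspecting the sample file, running strings, decompiling) and notes that it yields little on an obfuscated .NET sample. The following triage script is an added illustration of that static step and is not code from the paper or from its authors: it extracts printable strings, checks for the .NET metadata markers (the BSJB metadata signature and the mscoree.dll/_CorExeMain CLR import), looks for Chromium browser artifact names that stealers target, and flags a sample as probably obfuscated when it is high-entropy with almost no readable text. The two input blobs are constructed in-line for demonstration; the indicator lists and the entropy/text-ratio thresholds are assumptions of this example, not values taken from the paper.

```python
import hashlib
import math
import re
from collections import Counter

# Assumed indicator list (not from the paper): Chromium-based browsers keep
# credentials and card data in these SQLite files, so their names inside a
# binary are a common stealer indicator.
BROWSER_ARTIFACTS = (b"Login Data", b"Web Data", b"Cookies", b"Local State")

# .NET metadata root signature ("BSJB") and the CLR entry-point import that a
# managed PE carries; presence of any of them suggests a .NET assembly.
DOTNET_MARKERS = (b"BSJB", b"mscoree.dll", b"_CorExeMain")


def extract_strings(data: bytes, min_len: int = 6) -> list[str]:
    """Return ASCII runs of at least min_len printable bytes (what `strings` does)."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, data)]


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; packed/obfuscated data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def triage(data: bytes) -> dict:
    """Static triage summary for one sample blob."""
    strings = extract_strings(data)
    text_bytes = sum(len(s) for s in strings)
    text_ratio = text_bytes / max(len(data), 1)
    entropy = shannon_entropy(data)
    return {
        "is_dotnet": any(m in data for m in DOTNET_MARKERS),
        "string_count": len(strings),
        "text_ratio": round(text_ratio, 3),
        "entropy": round(entropy, 2),
        "browser_artifacts": sorted(a.decode() for a in BROWSER_ARTIFACTS if a in data),
        # Heuristic thresholds (assumed): near-random bytes and under 5% readable
        # text is the profile on which strings/decompilation find nothing.
        "likely_obfuscated": entropy > 7.0 and text_ratio < 0.05,
    }


# Constructed stand-in for an unobfuscated stealer: a PE-like stub with .NET
# markers, a Chromium "logins" query and browser profile paths in the clear.
CLEAR_SAMPLE = (
    b"MZ" + b"\x00" * 62
    + b"BSJB" + b"\x00" * 12
    + b"mscoree.dll\x00_CorExeMain\x00"
    + b"SELECT origin_url, username_value, password_value FROM logins\x00"
    + b"\\Google\\Chrome\\User Data\\Default\\Login Data\x00"
    + b"\\Google\\Chrome\\User Data\\Default\\Web Data\x00"
    + b"http://c2.example.invalid/\x00"
).ljust(4096, b"\x00")

# Constructed stand-in for an obfuscated/packed .NET sample: the same header
# followed by deterministic pseudo-random bytes (SHA-256 chain) so nothing
# readable survives a strings pass.
OBFUSCATED_SAMPLE = (
    b"MZ" + b"\x00" * 62 + b"BSJB"
    + b"".join(hashlib.sha256(b"redline-demo" + i.to_bytes(2, "big")).digest()
               for i in range(128))
)

if __name__ == "__main__":
    for name, blob in (("clear", CLEAR_SAMPLE), ("obfuscated", OBFUSCATED_SAMPLE)):
        print(name, triage(blob))
```

On the obfuscated blob the triage reports a .NET assembly with high entropy, no browser artifact names and almost no strings, which is exactly the situation where the paper moved to dynamic analysis. Because the abstract notes the sample only runs with an internet connection, the dynamic run needs a sandbox that answers DNS and HTTP (a simulated network service rather than an air-gapped VM), or the sample will exit before exposing its behaviour.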

Saved in:
Bibliographic Details
Main Authors: Widiyasono, Nur, Rizal, Randi, Selamat, Siti Rahayu, Sinjaya, Angga, Rianto, Praseptiawan, Mugi
Format: Article
Language: English
Published: Semarak Ilmu Publishing 2025
Online Access:http://eprints.utem.edu.my/id/eprint/28117/2/0101723082024104132.pdf
http://eprints.utem.edu.my/id/eprint/28117/
https://semarakilmu.com.my/journals/index.php/applied_sciences_eng_tech/article/view/5764/5387
id my.utem.eprints.28117
record_format eprints
citation Widiyasono, Nur and Rizal, Randi and Selamat, Siti Rahayu and Sinjaya, Angga and Rianto and Praseptiawan, Mugi (2025) Investigation of malware redline stealer using static and dynamic analysis method forensic. Journal of Advanced Research in Applied Sciences and Engineering Technology, 48 (2). pp. 49-62.
issn 2462-1943
doi 10.37934/araset.48.2.4962
status PeerReviewed
publishDate 2025-06
lastmod 2024-10-09T16:55:27Z
institution Universiti Teknikal Malaysia Melaka
building UTEM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknikal Malaysia Melaka
content_source UTEM Institutional Repository
url_provider http://eprints.utem.edu.my/
description Redline Stealer is a malware family first reported in early March 2020 by a Proofpoint analyst. It is known for its ability to evade antivirus scanning. Redline Stealer was written to steal victims' information, such as login data, passwords and credit card details, from the browsers installed on an infected computer. This research analyzes Redline Stealer with both static and dynamic methods: static analysis examines the malware sample file itself, while dynamic analysis monitors the malware's activity while it runs on the system. The results show that Redline Stealer uses .NET-based obfuscation, runs only when an internet connection is available, and steals sensitive information, particularly from browser applications. The conclusion is that Redline Stealer can be classified as stealer malware capable of stealing important data from the infected system. Strings extraction and decompilation yielded no useful information because the sample is obfuscated, so static analysis produced less information than the dynamic method.