Widiyasono, Nur and Rizal, Randi and Selamat, Siti Rahayu and Sinjaya, Angga and Rianto and Praseptiawan, Mugi (2025) Investigation of malware redline stealer using static and dynamic analysis method forensic. Journal of Advanced Research in Applied Sciences and Engineering Technology, 48 (2). pp. 49-62. ISSN 2462-1943
Text
0101723082024104132.pdf Download (2MB) |
Abstract
Redline Stealer is a malware variant discovered in early March 2020 by proof point analyst. Redline is famous for its ability to bypass the antivirus scan. Redline Stealer was created by hacker with the purpose to steal victim's information such as login data, password and credit card information from the browser application that used in infected computer. This research uses static and dynamic methods to analyze redline stealers. The process of static analysis is carried out by observing the malware's sample file, while dynamic analysis is carried out by monitoring malware's activity when the malware is running on the system. This research show that Redline Stealer uses the obfuscation feature based on .net, which can run only when there is an internet connection, stealing sensitive information, especially in a browser application. The conclusion of this research is Redline Stealer can be classified as a stealer malware that can steal important data on the infected system. The result of the analysis using the strings extract and decompile did not find any information because this malware uses the obfuscation feature, so the static analysis did find fewer information than the dynamic method.
Item Type: | Article |
---|---|
Uncontrolled Keywords: | Forensic, Malware investigation, Obfuscation, Redline stealer, Static and dynamic analysis |
Divisions: | Faculty of Information and Communication Technology |
Depositing User: | Sabariah Ismail |
Date Deposited: | 09 Oct 2024 16:55 |
Last Modified: | 09 Oct 2024 16:55 |
URI: | http://eprints.utem.edu.my/id/eprint/28117 |
Statistic Details: | View Download Statistic |
Actions (login required)
View Item |