Analysis of Redline Infostealer Campaign
Redline Stealer is a highly effective form of malware designed to steal sensitive information from infected systems. It was first discovered in 2018, and it can cause significant harm to infected systems and compromise the sensitive information of its victims, as elaborated herein. Redline is an evolving piece of malware written in C#; it showed notable growth in 2021 and was disseminated using templates related to the COVID-19 pandemic.
Redline Infostealer is delivered through stolen games and cracked apps. The malware steals data from browsers, Bitcoin wallets, FileZilla, Discord, Steam, Telegram, and VPN clients. The Redline sample also collects information about the infected PC, including running processes, antivirus products, installed software, the Windows product name, and the CPU architecture. The stealer supports the commands Download, RunPE, DownloadAndEx, OpenLink, and CMD. Data exfiltrated from the target system is transferred in SOAP messages.