Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer

Jan. 5, 2024, 11 a.m. | Mark Lim and Zong-Yu Wu

Using extractors written in Python, we detail our system for extracting internal malware configurations from memory dumps. GuLoader and RedLine Stealer are our examples.

The post Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer appeared first on Unit 42.

analysis anti-analysis cloud-delivered security services examples guloader internal malware memory memory detection next generation firewall python redline redline infostealer redline stealer stealer system techniques unit 42 wildfire written

Visit resource

More from unit42.paloaltonetworks.com / Unit42

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 2 weeks, 1 day ago | unit42.paloaltonetworks.com

campaign command command injection cve +13

Muddled Libra’s Evolution to the Cloud 2 weeks, 4 days ago | unit42.paloaltonetworks.com

amp applications att aws +17

It Was Not Me! Malware-Initiated Vulnerability Scanning Is on the Rise 2 weeks, 5 days ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire attacks +14

Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094) 3 weeks, 6 days ago | unit42.paloaltonetworks.com

compression cortex xdr cortex xsiam cve +17

Exposing a New BOLA Vulnerability in Grafana 1 month ago | unit42.paloaltonetworks.com

advanced url filtering api api attacks authorization +19

ASEAN Entities in the Spotlight: Chinese APT Group Targeting 1 month ago | unit42.paloaltonetworks.com

actions advanced persistent threat advanced url filtering apac +20

Large-Scale StrelaStealer Campaign in Early 2024 1 month ago | unit42.paloaltonetworks.com

advanced threat protection advanced wildfire campaign campaigns +16

Curious Serpens’ FalseFont Backdoor: Technical Analysis, Detection and Prevention 1 month ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire aerospace +25

Unit 42 Collaborative Research With Ukraine’s Cyber Agency To Uncover the Smoke Loader Backdoor 1 month, 1 week ago | unit42.paloaltonetworks.com

advanced threat prevention advanced url filtering advanced wildfire agency +21

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Salesforce Solution Consultant

@ BeyondTrust | Remote United States

View on infosec-jobs.com

Divisional Deputy City Solicitor, Public Safety Compliance Counsel - Compliance and Legislation Unit

@ City of Philadelphia | Philadelphia, PA, United States

View on infosec-jobs.com

Security Engineer, IT IAM, EIS

@ Micron Technology | Hyderabad - Skyview, India

View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States

View on infosec-jobs.com

Werkstudent Cybersecurity (m/w/d)

@ Brose Group | Bamberg, DE, 96052

View on infosec-jobs.com

View more jobs

all InfoSec news

Tackling Anti-Analysis Techniques of GuLoader and RedLine Stealer

More from unit42.paloaltonetworks.com / Unit42

Jobs in InfoSec / Cybersecurity

SOC 2 Manager, Audit and Certification

Salesforce Solution Consultant

Divisional Deputy City Solicitor, Public Safety Compliance Counsel - Compliance and Legislation Unit

Security Engineer, IT IAM, EIS

Security Analyst

Werkstudent Cybersecurity (m/w/d)