Labs
Lab 3-1
Analyze the malware found in the file Lab03-01.exe using basic dynamic analysis tools.
Questions
1. What are this malware’s imports and strings?
2. What are the malware’s host-based indicators?
3. Are there any useful network-based signatures for this malware? If so, what are they?
Lab 3-2
Analyze the malware found in the file Lab03-02.dll using basic dynamic analysis tools.
Questions
1. How can you get this malware to install itself?
2. How would you get this malware to run after installation?
3. How can you find the process under which this malware is running?
4. Which filters could you set in order to use procmon to glean information?
5. What are the malware’s host-based indicators?
6. Are there any useful network-based signatures ...