Labs
Lab 16-1
Analyze the malware found in Lab16-01.exe using a debugger. This is the same malware as Lab09-01.exe, with added anti-debugging techniques.
Questions
1. Which anti-debugging techniques does this malware employ?
2. What happens when each anti-debugging technique succeeds?
3. How can you get around these anti-debugging techniques?
4. How do you manually change the structures checked during runtime?
5. Which OllyDbg plug-in will protect you from the anti-debugging techniques used by this malware?
Lab 16-2
Analyze the malware found in Lab16-02.exe using a debugger. The goal of this lab is to figure out the correct password. The malware does not drop a malicious payload.
Questions
1. What happens when you run Lab16-02.exe from the command ...