malware analysis

Question Description

Identify any 4 common dynamic linked libraries (DLLs) in Windows OS? What functionality is in the DLLs that you have selected? (5pts)
What measures would you take to harden your virtual machine to safeguard it from malware infection? (5 pts)
Attempt Lab in Chapter 1. The lab is section 1-4 in the malware analysis text book. For this lab, I am interested in how you get the final outcome or result and what it means. Provide evidence in form screenshots on how you obtain your findings in order to get full points. The final result is only worth half a point if it lacks a methodology and explanation of findings (20pts)
- these are the malicious files files for the activity. Open these files from a hardened virtual machine (VM). You can use VirtualBox or VMWare to create an Ubuntu Linux VM.
- You can install a Linux windows emulator called wine ie sudo apt-get install wine. To run a windows execute like strings.exe from the terminal using wine, the command will be: wine strings.exe some-malicious-file.exe If this too complicated, you can also use IDAPro. It runs very well on Linux.
  ـــــــــــــ
Attempt Lab in Chapter 1. The lab is section 1-4 in the malware analysis textbook. For this lab, I am interested in how you get the final outcome or result and what it means. Provide evidence in form screenshots on how you obtain your findings in order to get full points.

The final result is only worth half a point if it lacks a methodology and explanation of findings (20pts)

these are the malicious files files for the activity .

Open these files from a hardened virtual machine (VM).

You can use VirtualBox or VMWare to create an Ubuntu Linux VM.

You can install a Linux windows emulator called wine ie sudo apt-get install wine.

To run a windows execute like strings.exe from the terminal using wine, the command will be: wine strings.exe some-malicious-file.exe If this too complicated, you can also use IDAPro. It runs very well on Linux.

The lab is section 1-4

Lab 1-4

Analyze the file Lab01-04.exe.

Questions

1. Upload the Lab01-04.exe file to http://www.VirusTotal.com/. Does it match

any existing antivirus definitions?

2. Are there any indications that this file is packed or obfuscated? If so,

what are these indicators? If the file is packed, unpack it if possible.

3. When was this program compiled?

4. Do any imports hint at this program’s functionality? If so, which imports

are they and what do they tell you?

5. What host- or network-based indicators could be used to identify this

malware on infected machines?

6. This file has one resource in the resource section. Use Resource Hacker

to examine that resource, and then use it to extract the resource. What

can you learn from the resource?

book http://venom630.free.fr/pdf/Practical_Malware_Anal…



^{Have a similar assignment? "Place an order for your assignment and have exceptional work written by our team of experts, guaranteeing you A results."}

Our Service Charter

1. Professional & Expert Writers: Eminence Papers only hires the best. Our writers are specially selected and recruited, after which they undergo further training to perfect their skills for specialization purposes. Moreover, our writers are holders of masters and Ph.D. degrees. They have impressive academic records, besides being native English speakers.

2. Top Quality Papers: Our customers are always guaranteed of papers that exceed their expectations. All our writers have +5 years of experience. This implies that all papers are written by individuals who are experts in their fields. In addition, the quality team reviews all the papers before sending them to the customers.

3. Plagiarism-Free Papers: All papers provided by Eminence Papers are written from scratch. Appropriate referencing and citation of key information are followed. Plagiarism checkers are used by the Quality assurance team and our editors just to double-check that there are no instances of plagiarism.

4. Timely Delivery: Time wasted is equivalent to a failed dedication and commitment. Eminence Papers are known for the timely delivery of any pending customer orders. Customers are well informed of the progress of their papers to ensure they keep track of what the writer is providing before the final draft is sent for grading.

5. Affordable Prices: Our prices are fairly structured to fit in all groups. Any customer willing to place their assignments with us can do so at very affordable prices. In addition, our customers enjoy regular discounts and bonuses.

6. 24/7 Customer Support: At Eminence Papers, we have put in place a team of experts who answer all customer inquiries promptly. The best part is the ever-availability of the team. Customers can make inquiries anytime.