SUPERIOR-PAPERS.COM essay writing company is the ideal place for homework help. If you are looking for affordable, custom-written, high-quality and non-plagiarized papers, your student life just became easier with us. Click the button below to place your order.
Order a Similar Paper Order a Different Paper
CAP 4145 Introduction to Malware Analysis
Assignment 2 â€“ Basic Static Analysis
- This is an individual assignment.
- Answers to all questions must be put into ONE document. That is, every time, each student can only submit one report document, answering all questions of this assignment, if not explicitly stated otherwise.
- Students must put answers following each question in this assignment. The instructor will not grade a report with only answers in it and the student gets zero for such an assignment. An assignment report must include original questions.
- Students MUST submit the finished assignment in either Microsoft Word or pdf format to Webcourse. The doc must be submitted as ONE standalone file and cannot be tarred or zipped into a container.
- All required files or docs must be submitted in one submission (last submission). Note: Blackboard allows unlimited number of submission of one assignment by students.
- Refer to Print screen on how to take a screenshot. Pressing the Alt key in combination with PrtSc will capture the currently selected window.
Answer each question following the original question. Do NOT delete the original question.
- Underlined blue text points to a web link. Ctrl + Click to follow link.
- Download the labs including all files at Practical Malware Analysis Labs â€“ Download.
- If related tools are not available from CyberHub virtual machines (VMs), they can be found at the end of the instructorâ€™s website for this course here.
Browse the CyberHub support website here and watch all the short tutorial videos. (3 Points)
- Open all the three virtual machines (VMs) in the sandbox provided for this class and provide a screenshot here following this question.
- Disable Windows Firewall and ping from the Linux VM and provide screenshots that ping works.
- Ping the Linux VM from a Windows VM and provide a screenshot that ping works.
This lab uses the files Lab01-01.exe and Lab01-01.dll. Use the tools and techniques described in the chapter to gain information about the files and answer the questions below. (7 Points)
- Run all tools in Chapter 1 on Lab01-01.exe and Lab01-01.dll, and copy and paste the output of the output or screenshot from these tools below.
- When were these files compiled?
- Are there any indications that either of these files is packed or obfuscated? If so, what are these indicators?
- Do any imports hint at what this malware does? If so, which imports are they?
- Are there any other files or host-based indicators that you could look for on infected systems?
- What network-based indicators could be used to find this malware on infected machines?
- What would you guess is the purpose of these files?
Output from md5deep
Output from strings
Output from PEiD
Output from Dependency Walker
Output from PEview
Output from ResourceHacker