Malware:ITX8042:2015:LAB3

Source: Kursused
Revision as of 17 September 2015, 21:04 by Toomas

LAB3

Additional Reading + presentations!

Slides for lab

Exercise specifics are in slides

Things to consider in exercise

  • Find the SHA-256 and MD5 hashes of the sample
  • Search for the hashes on VirusTotal
  • Strings analysis
  • Use two out of these three for quick and dirty analysis:
      • https://www.virustotal.com/
      • https://www.metascan-online.com/
      • https://malwr.com/
  • Find at least 2 additional places for quick and dirty analysis
  • Compare results
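
The hashing and strings steps above can be done in one static pass over the file. The following is an added example, not part of the course material: the pattern table, the 6-character minimum length and the embedded sample bytes are constructed for illustration.

```python
import hashlib
import re
import sys

MIN_LEN = 6  # assumption: shorter runs are mostly noise

# Constructed, non-exhaustive patterns for strings worth a line in the report.
INTERESTING = {
    "url": re.compile(r"https?://[^\s\"'<>]+", re.I),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "registry": re.compile(r"\b(?:HKLM|HKCU|HKEY_[A-Z_]+|Software)\\\S+", re.I),
    "file": re.compile(r"\b[\w-]+\.(?:exe|dll|bat|vbs|ps1|sys)\b", re.I),
}

# Constructed sample bytes (not real malware): one ASCII URL, one UTF-16LE
# registry path, one ASCII file name, plus filler.
SAMPLE = (b"MZ\x90\x00\x03\x00" + b"\x00" * 8
          + b"http://example.invalid/gate.php\x00\x01\x02"
          + "Software\\Microsoft\\Windows\\CurrentVersion\\Run".encode("utf-16-le")
          + b"\x00\x00\xff\xfe" + b"dropper.exe\x00" + b"abc\x00")

def hashes(data):
    """MD5 and SHA-256 as hex: the values you search for on the scanning sites."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}

def extract_strings(data, min_len=MIN_LEN):
    """Printable ASCII runs, then UTF-16LE runs (like `strings` and `strings -el`)."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_re.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in wide_re.finditer(data)]
    return found

def classify(strings):
    """Group substrings that match an INTERESTING pattern by label."""
    hits = {}
    for s in strings:
        for label, rx in INTERESTING.items():
            for m in rx.finditer(s):
                hits.setdefault(label, []).append(m.group())
    return hits

if __name__ == "__main__":
    # Reads the sample only; never executes it. Without an argument, use SAMPLE.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    print(hashes(data))
    for label, values in classify(extract_strings(data)).items():
        print(label, sorted(set(values)))
```

The UTF-16LE pass matters for Windows samples, where many strings are stored as wide characters and a plain ASCII scan would miss them.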


Things to present in report

  • Describe where and how you found additional files/malware
  • Provide hashes for each file
  • Provide the most common name for each file (most of the files have multiple names)
  • List strings (from the strings command) that sound meaningful to you with reasons as to why
  • Provide links to the quick and dirty analysis
  • Document interesting features that you learned
  • Quick solution on how to fix the system without having anti-virus or reinstalling the system.