Erinevus lehekülje "Malware:ITX8042:2015:LAB3" redaktsioonide vahel
Mine navigeerimisribale
Mine otsikasti
(Uus lehekülg: '== LAB3 == ===Additional Reading + presentations!=== [ Slides for lab] === Exercise specifics are in slides === === Things to consider in exercise === *Find sha256 and md5...') |
|||
| (ei näidata sama kasutaja üht vahepealset redaktsiooni) | |||
| 3. rida: | 3. rida: | ||
===Additional Reading + presentations!=== | ===Additional Reading + presentations!=== | ||
| − | [ Slides for lab] | + | [https://docs.google.com/presentation/d/1iJOwNmHqzjjxd5b5EJkvvhfyYXtGCi92LKZ5U6qIUGY/edit?usp=sharing Slides for lab] |
=== Exercise specifics are in slides === | === Exercise specifics are in slides === | ||
| + | |||
| + | *"infected" | ||
=== Things to consider in exercise === | === Things to consider in exercise === | ||
| 17. rida: | 19. rida: | ||
https://www.metascan-online.com/ | https://www.metascan-online.com/ | ||
https://malwr.com/ | https://malwr.com/ | ||
| + | https://sandbox.pikker.ee/ | ||
| + | |||
*Find at least 2 additional places for quick and dirty analysis | *Find at least 2 additional places for quick and dirty analysis | ||
| 24. rida: | 28. rida: | ||
=== Things to present in report === | === Things to present in report === | ||
| + | *provide hass for downloaded file | ||
*Describe where and how you found additional files/malware | *Describe where and how you found additional files/malware | ||
*Provide hashes for each file | *Provide hashes for each file | ||
Viimane redaktsioon: 17. september 2015, kell 21:24
LAB3
Additional Reading + presentations!
Exercise specifics are in slides
- "infected"
Things to consider in exercise
- Find sha256 and md5
- Search for it in the Virus Total
- Strings analysis
- Use two out of three for quick and dirty
https://www.virustotal.com/ https://www.metascan-online.com/ https://malwr.com/ https://sandbox.pikker.ee/
- Find at least 2 additional places for quick and dirty analysis
- Compare results
Things to present in report
- provide hass for downloaded file
- Describe where and how you found additional files/malware
- Provide hashes for each file
- Provide most common name for each file (Most of the files have multiple names)
- List strings (from the strings command) that sound meaningful to you with reasons as to why
- Provide links to the quick and dirty analysis
- Document interesting features that you learned
- Quick solution on how to fix without having anti-virus or reinstalling the system.