Malware:ITX8042:2014:LAB3
Mine navigeerimisribale
Mine otsikasti
LAB3
Additional Reading + presentations!
Exercise specifics are in slides
Things to consider in exercise
- File Has sha 256 and md5
- Search it in Virus Total
- strings analysis
- Use two out of three for quick and dirty
https://www.virustotal.com/ https://www.metascan-online.com/ https://malwr.com/
- Find at least 2 additional places for quick and dirty analysis
- Compare results
Things to present in report
- Where and how you found additional file
- Hashes for each file
- Most common name (each name differently but what was most common known name) for each file
- Strings that sound meanigful for you and why
- Links to quick and dirty analysis
- Interesting features that you have learned.
- Quick solution how to fix without having anti-virus.