
Practical Malware Analysis by Andrew Honig, Michael Sikorski


Lab 9-1 Solutions

Short Answers

  1. You can get the program to install itself by providing it with the -in option, along with the password. Alternatively, you can patch the binary to skip the password verification check.

  2. The command-line options for the program are one of four values and the password. The password is the string abcd and is required for all actions except the default behavior. The -in option instructs the malware to install itself. The -re option instructs the malware to remove itself. The -c option instructs the malware to update its configuration, including its beacon IP address. The -cc option instructs the malware to print its current configuration to the console. By default, this malware functions as a backdoor if installed.

  3. You ...
