Labs
Lab 7-1
Analyze the malware found in the file Lab07-01.exe.
Questions
Q: | 1. How does this program ensure that it continues running (achieves persistence) when the computer is restarted? |
Q: | 2. Why does this program use a mutex? |
Q: | 3. What is a good host-based signature to use for detecting this program? |
Q: | 4. What is a good network-based signature for detecting this malware? |
Q: | 5. What is the purpose of this program? |
Q: | 6. When will this program finish executing? |
Lab 7-2
Analyze the malware found in the file Lab07-02.exe.
Questions
Q: | 1. How does this program achieve persistence? |
Q: | 2. What is the purpose of this program? |
Q: | 3. When will this program finish executing? |
Lab 7-3
For this lab, we obtained the malicious executable, Lab07-03.exe, and DLL, Lab07-03.dll
Get Practical Malware Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
